auth
auth/memstore.go
Add support for bulk changes and for logins. Logins now get stored, listed, removed, and updated. You can select a profile by the login associated with it. Also added support for bulk changing profiles, because it may be necessary to set many profiles to compromised at the same time, and there's no sense in requiring a statement per profile.
| paddy@28 | 1 package auth |
| paddy@28 | 2 |
| paddy@31 | 3 import ( |
| paddy@31 | 4 "sync" |
| paddy@31 | 5 |
| paddy@31 | 6 "secondbit.org/uuid" |
| paddy@31 | 7 ) |
| paddy@28 | 8 |
// Memstore is an in-memory store for the auth package's tokens, grants,
// clients, endpoints, profiles and logins. Each group of maps is paired with
// its own sync.RWMutex.
//
// The mutexes are held by value, so a Memstore must not be copied after first
// use; share it by pointer, as NewMemstore does.
//
// NOTE(review): the locks are independent per group, so a change that spans
// groups (for example a profile together with its tokens and logins) is not
// atomic unless the caller coordinates it. Confirm against the write paths,
// which are not part of this listing.
type Memstore struct {
	// Token values by string key.
	tokens map[string]Token
	// Read by lookupTokenByRefresh; presumably refresh token -> key in
	// tokens (confirm against the code that writes it).
	refreshTokenLookup map[string]string
	// Read by lookupTokensByProfileID; profile ID -> token strings.
	profileTokenLookup map[string][]string
	// Held by the token lookup helpers while they read the lookup maps above.
	tokenLock sync.RWMutex

	// Grant values by string key.
	grants map[string]Grant
	// Presumably guards grants (confirm; no user is visible in this listing).
	grantLock sync.RWMutex

	// Client values by string key.
	clients map[string]Client
	// Read by lookupClientsByProfileID; profile ID -> client IDs.
	profileClientLookup map[string][]uuid.ID
	// Held by lookupClientsByProfileID while it reads profileClientLookup.
	clientLock sync.RWMutex

	// Endpoint lists by string key; presumably keyed by client ID (confirm).
	endpoints map[string][]Endpoint
	// Presumably guards endpoints (confirm).
	endpointLock sync.RWMutex

	// Profile values by string key.
	profiles map[string]Profile
	// Presumably guards profiles (confirm).
	profileLock sync.RWMutex

	// Login values by string key.
	logins map[string]Login
	// Presumably profile ID -> login keys (confirm).
	profileLoginLookup map[string][]string
	// Presumably guards logins and profileLoginLookup (confirm).
	loginLock sync.RWMutex
}
| paddy@28 | 32 |
// NewMemstore returns a pointer to an empty Memstore with every map
// allocated, so the store can be written to straight away (writing to a nil
// map would panic). The mutex fields are left at their zero value, which is
// an unlocked sync.RWMutex.
func NewMemstore() *Memstore {
	store := new(Memstore)

	// Token storage and its secondary indexes.
	store.tokens = make(map[string]Token)
	store.refreshTokenLookup = make(map[string]string)
	store.profileTokenLookup = make(map[string][]string)

	store.grants = make(map[string]Grant)

	// Client storage and its per-profile index.
	store.clients = make(map[string]Client)
	store.profileClientLookup = make(map[string][]uuid.ID)

	store.endpoints = make(map[string][]Endpoint)
	store.profiles = make(map[string]Profile)

	// Login storage and its per-profile index.
	store.logins = make(map[string]Login)
	store.profileLoginLookup = make(map[string][]string)

	return store
}
| paddy@28 | 47 |
// lookupTokenByRefresh returns the value stored in refreshTokenLookup under
// the given refresh token, or ErrTokenNotFound when there is no entry. The
// read is done under the token read lock.
//
// NOTE(review): the refresh token value itself is the map key, so it is held
// unhashed in process memory; presumably acceptable for an in-memory store,
// but confirm before reusing the pattern in a persistent backend.
func (m *Memstore) lookupTokenByRefresh(token string) (string, error) {
	m.tokenLock.RLock()
	defer m.tokenLock.RUnlock()

	if id, found := m.refreshTokenLookup[token]; found {
		return id, nil
	}
	return "", ErrTokenNotFound
}
| paddy@28 | 57 |
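// lookupTokensByProfileID returns the token strings indexed under the given
// profile ID. An unknown profile yields a nil slice; the error result is
// always nil.
//
// The result is a copy. Returning the stored slice would hand the caller the
// index's backing array after the read lock is released, so a later write to
// the index could race with the caller's reads, and a caller's append or
// element write could corrupt the index. The write paths are not visible in
// this listing, so the copy is made unconditionally.
func (m *Memstore) lookupTokensByProfileID(id string) ([]string, error) {
	m.tokenLock.RLock()
	defer m.tokenLock.RUnlock()

	stored := m.profileTokenLookup[id]
	if stored == nil {
		// Keep the original nil result for profiles with no entry.
		return nil, nil
	}
	out := make([]string, len(stored))
	copy(out, stored)
	return out, nil
}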
| paddy@31 | 63 |
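// lookupClientsByProfileID returns the client IDs indexed under the given
// profile ID. A profile with no entry yields an empty, non-nil slice.
//
// The result is a copy of the stored slice, so the caller never shares the
// index's backing array once the read lock is released; that avoids a data
// race with later writes to the index and keeps caller-side mutation from
// reaching the store. The uuid.ID elements are copied by assignment; if
// uuid.ID is itself a slice type its bytes are still shared (confirm against
// the uuid package).
func (m *Memstore) lookupClientsByProfileID(id string) []uuid.ID {
	m.clientLock.RLock()
	defer m.clientLock.RUnlock()

	stored, ok := m.profileClientLookup[id]
	if !ok {
		return []uuid.ID{}
	}
	out := make([]uuid.ID, len(stored))
	copy(out, stored)
	return out
}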