auth
auth/token_postgres.go
Clean up sessions and tokens after Profile is deleted. Add a terminateSessionsByProfile method to our sessionStore to mark Sessions associated with a Profile as inactive. Implement memstore and postgres implementations of the terminateSessionsByProfile method. Add a TerminateSessionsByProfile wrapper method to Context. Add a revokeTokensByProfileID method to our tokenStore to mark Tokens associated with a Profile as revoked. Implement memstore and postgres implementation of the revokeTokensByProfileID method. Add a RevokeTokensByProfileID wrapper method to Context. Call our RevokeTokensByProfileID and TerminateSessionsByProfile methods after a Profile is deleted, to clean up the Tokens and Sessions associated with it.
1.1 --- a/token_postgres.go Sat Apr 11 17:58:15 2015 -0400 1.2 +++ b/token_postgres.go Sat Apr 11 19:07:26 2015 -0400 1.3 @@ -142,6 +142,31 @@ 1.4 return nil 1.5 } 1.6 1.7 +func (p *postgres) revokeTokensByProfileIDSQL(profileID uuid.ID) *pan.Query { 1.8 + var t Token 1.9 + query := pan.New(pan.POSTGRES, "UPDATE "+pan.GetTableName(t)+" SET ") 1.10 + query.Include(pan.GetUnquotedColumn(t, "Revoked")+" = ?", true) 1.11 + query.IncludeWhere() 1.12 + query.Include(pan.GetUnquotedColumn(t, "ProfileID")+" = ?", profileID) 1.13 + return query.FlushExpressions(" ") 1.14 +} 1.15 + 1.16 +func (p *postgres) revokeTokensByProfileID(profileID uuid.ID) error { 1.17 + query := p.revokeTokensByProfileIDSQL(profileID) 1.18 + res, err := p.db.Exec(query.String(), query.Args...) 1.19 + if err != nil { 1.20 + return err 1.21 + } 1.22 + rows, err := res.RowsAffected() 1.23 + if err != nil { 1.24 + return err 1.25 + } 1.26 + if rows == 0 { 1.27 + return ErrProfileNotFound 1.28 + } 1.29 + return nil 1.30 +} 1.31 + 1.32 func (p *postgres) getTokensByProfileIDSQL(profileID uuid.ID, num, offset int) *pan.Query { 1.33 var token Token 1.34 fields, _ := pan.GetFields(token)