229a53fa0a
changes authentication to no longer use a refresh token & access token for accessing protected endpoints. Instead, only an auth token is used. Before, the login flow was: Login -> get refresh token (stored as HttpOnly cookie) + access token (stored in memory) -> protected endpoint request (attach access token as Authorization header) -> access token expires in 15 minutes, so use the refresh token to obtain a new one when that happens. Now it looks like this: Login -> get auth token (stored as HttpOnly cookie) -> make protected endpoint request (token sent). The reasoning for using the refresh + access token was to reduce DB calls, but in the end I don't think it's worth the hassle.
// Code generated by sqlc. DO NOT EDIT.
// source: token.sql
package db
import (
"context"
"time"
"github.com/google/uuid"
)
// createAuthToken is the statement executed by Queries.CreateAuthToken.
// token_id is absent from the INSERT column list and only appears in
// RETURNING, so its value is assigned by the database, not by this package.
//
// NOTE(review): the commit description says the auth token is handed to the
// browser in an HttpOnly cookie. If token_id is that bearer value, the column
// default must produce an unpredictable (random, version 4) UUID rather than a
// time- or node-based one, and the table then holds usable session credentials
// in clear, so read access to auth_token needs to be restricted accordingly.
// Confirm both against the schema, which is not visible here.
const createAuthToken = `-- name: CreateAuthToken :one
INSERT INTO auth_token (user_id, created_at, expires_at) VALUES ($1, $2, $3) RETURNING token_id, user_id, created_at, expires_at
`

// CreateAuthTokenParams carries the column values bound to $1..$3 of the
// CreateAuthToken statement.
//
// CreatedAt and ExpiresAt are chosen by the caller and stored as given.
// NOTE(review): DeleteExpiredTokens compares expires_at with the database's
// NOW(), so the clock used to fill ExpiresAt and the database clock should
// agree; confirm how callers compute the lifetime.
type CreateAuthTokenParams struct {
	UserID    uuid.UUID `json:"user_id"`
	CreatedAt time.Time `json:"created_at"`
	ExpiresAt time.Time `json:"expires_at"`
}

// CreateAuthToken inserts one auth_token row for arg.UserID and returns the
// row as the database stored it, including the database-assigned TokenID.
//
// The error from Scan is passed through unchanged. When it is non-nil the
// returned AuthToken must not be used.
func (q *Queries) CreateAuthToken(ctx context.Context, arg CreateAuthTokenParams) (AuthToken, error) {
	var tok AuthToken
	err := q.db.
		QueryRowContext(ctx, createAuthToken, arg.UserID, arg.CreatedAt, arg.ExpiresAt).
		Scan(&tok.TokenID, &tok.UserID, &tok.CreatedAt, &tok.ExpiresAt)
	return tok, err
}
// deleteAuthTokenByID removes the single auth_token row whose token_id
// matches $1.
const deleteAuthTokenByID = `-- name: DeleteAuthTokenByID :exec
DELETE FROM auth_token WHERE token_id = $1
`

// DeleteAuthTokenByID deletes the auth_token row identified by tokenID.
//
// The statement result is discarded, so a tokenID that matches no row still
// returns nil: callers cannot tell "revoked" from "was already gone".
// NOTE(review): presumably this backs logout; if so, the caller should also
// expire the cookie on the client, since this call only affects the server
// side. Confirm at the call site.
func (q *Queries) DeleteAuthTokenByID(ctx context.Context, tokenID uuid.UUID) error {
	if _, err := q.db.ExecContext(ctx, deleteAuthTokenByID, tokenID); err != nil {
		return err
	}
	return nil
}
// deleteAuthTokenByUserID removes every auth_token row belonging to the user
// in $1, not just one session.
const deleteAuthTokenByUserID = `-- name: DeleteAuthTokenByUserID :exec
DELETE FROM auth_token WHERE user_id = $1
`

// DeleteAuthTokenByUserID deletes all auth_token rows for userID, which
// invalidates every stored token of that user at once.
//
// The number of deleted rows is not reported; a user with no tokens yields
// nil as well.
// NOTE(review): this is the natural hook for "sign out everywhere" after a
// password change or account compromise; confirm those flows call it.
func (q *Queries) DeleteAuthTokenByUserID(ctx context.Context, userID uuid.UUID) error {
	if _, err := q.db.ExecContext(ctx, deleteAuthTokenByUserID, userID); err != nil {
		return err
	}
	return nil
}
// deleteExpiredTokens purges rows whose expires_at is at or before the
// database server's current time (NOW()), not the application's clock.
const deleteExpiredTokens = `-- name: DeleteExpiredTokens :exec
DELETE FROM auth_token WHERE expires_at <= NOW()
`

// DeleteExpiredTokens removes every auth_token row that has reached its
// expires_at, as judged by the database clock.
//
// This is housekeeping only: an expired row stays in the table until this
// runs, and GetAuthTokenByID does not filter on expires_at. Expiry therefore
// has to be enforced where the token is validated, and must not depend on how
// often this cleanup is scheduled.
func (q *Queries) DeleteExpiredTokens(ctx context.Context) error {
	if _, err := q.db.ExecContext(ctx, deleteExpiredTokens); err != nil {
		return err
	}
	return nil
}
// getAuthTokenByID looks a token up by token_id alone. The WHERE clause has
// no expires_at condition, so expired rows that have not been purged yet are
// returned like any other.
const getAuthTokenByID = `-- name: GetAuthTokenByID :one
SELECT token_id, user_id, created_at, expires_at FROM auth_token WHERE token_id = $1
`

// GetAuthTokenByID returns the auth_token row whose token_id equals tokenID.
//
// A successful return only proves the row exists. The caller must still
// compare ExpiresAt with the current time before accepting the token, because
// the query does not. The error from Scan is passed through unchanged
// (presumably sql.ErrNoRows for an unknown token when q.db is backed by
// database/sql; confirm). When it is non-nil the returned AuthToken must not
// be used.
func (q *Queries) GetAuthTokenByID(ctx context.Context, tokenID uuid.UUID) (AuthToken, error) {
	var tok AuthToken
	err := q.db.
		QueryRowContext(ctx, getAuthTokenByID, tokenID).
		Scan(&tok.TokenID, &tok.UserID, &tok.CreatedAt, &tok.ExpiresAt)
	return tok, err
}