ability to refresh tokens

2024-06-13 19:09:38 +00:00 · 2015-10-04 19:39:44 -07:00 · 2015-10-04 19:39:44 -07:00 · 93c78150b6
parent dc821b8d12
commit 93c78150b6
5 changed files with 10 additions and 6 deletions
--- a/model/user.go
+++ b/model/user.go
@ -10,7 +10,7 @@ type User struct {
 	Login  string `json:"login"      meddler:"user_login"`
 	Token  string `json:"-"          meddler:"user_token"`
 	Secret string `json:"-"          meddler:"user_secret"`
-	Expiry int64  `json:"-"          meddler:"-"`
+	Expiry int64  `json:"-"          meddler:"user_expiry"`
 	Email  string `json:"email"      meddler:"user_email"`
 	Avatar string `json:"avatar_url" meddler:"user_avatar"`
 	Active bool   `json:"active,"    meddler:"user_active"`
--- a/router/middleware/refresh/refresh.go
+++ b/router/middleware/refresh/refresh.go
@ -14,16 +14,14 @@ import (

 func Refresh(c *gin.Context) {
 	user := session.User(c)
-	if user == nil || user.Expiry == 0 {
+	if user == nil {
 		c.Next()
 		return
 	}

-	db := context.Database(c)
-	remote_ := context.Remote(c)
-
 	// check if the remote includes the ability to
 	// refresh the user token.
+	remote_ := context.Remote(c)
 	refresher, ok := remote_.(remote.Refresher)
 	if !ok {
 		c.Next()
@ -33,7 +31,7 @@ func Refresh(c *gin.Context) {
 	// check to see if the user token is expired or
 	// will expire within the next 30 minutes (1800 seconds).
 	// If not, there is nothing we really need to do here.
-	if time.Now().UTC().Unix() > (user.Expiry - 1800) {
+	if time.Now().UTC().Unix() < (user.Expiry - 1800) {
 		c.Next()
 		return
 	}
@ -43,11 +41,14 @@ func Refresh(c *gin.Context) {
 	// database.
 	ok, _ = refresher.Refresh(user)
 	if ok {
+		db := context.Database(c)
 		err := model.UpdateUser(db, user)
 		if err != nil {
 			// we only log the error at this time. not sure
 			// if we really want to fail the request, do we?
 			log.Errorf("cannot refresh access token for %s. %s", user.Login, err)
+		} else {
+			log.Infof("refreshed access token for %s", user.Login)
 		}
 	}

--- a/shared/database/mysql/1_init.sql
+++ b/shared/database/mysql/1_init.sql
@ -5,6 +5,7 @@ CREATE TABLE users (
 ,user_login  VARCHAR(500)
 ,user_token  VARCHAR(500)
 ,user_secret VARCHAR(500)
+,user_expiry INTEGER
 ,user_email  VARCHAR(500)
 ,user_avatar VARCHAR(500)
 ,user_active BOOLEAN
--- a/shared/database/postgres/1_init.sql
+++ b/shared/database/postgres/1_init.sql
@ -5,6 +5,7 @@ CREATE TABLE users (
 ,user_login  VARCHAR(500)
 ,user_token  VARCHAR(500)
 ,user_secret VARCHAR(500)
+,user_expiry INTEGER
 ,user_email  VARCHAR(500)
 ,user_avatar VARCHAR(500)
 ,user_active BOOLEAN
--- a/shared/database/sqlite3/1_init.sql
+++ b/shared/database/sqlite3/1_init.sql
@ -5,6 +5,7 @@ CREATE TABLE users (
 ,user_login  TEXT
 ,user_token  TEXT
 ,user_secret TEXT
+,user_expiry INTEGER
 ,user_email  TEXT
 ,user_avatar TEXT
 ,user_active BOOLEAN