ability to revoke user tokens

This commit is contained in:
Brad Rydzewski 2016-04-08 17:16:45 -07:00
parent 3d475e7e2e
commit a8c50005b0
3 changed files with 19 additions and 1 deletions

View file

@ -6,7 +6,6 @@ all: gen build
deps: deps:
go get -u golang.org/x/tools/cmd/cover go get -u golang.org/x/tools/cmd/cover
go get -u golang.org/x/tools/cmd/vet
go get -u github.com/eknkc/amber/... go get -u github.com/eknkc/amber/...
go get -u github.com/eknkc/amber go get -u github.com/eknkc/amber
go get -u github.com/jteeuwen/go-bindata/... go get -u github.com/jteeuwen/go-bindata/...

View file

@ -8,6 +8,7 @@ import (
"github.com/drone/drone/cache" "github.com/drone/drone/cache"
"github.com/drone/drone/model" "github.com/drone/drone/model"
"github.com/drone/drone/router/middleware/session" "github.com/drone/drone/router/middleware/session"
"github.com/drone/drone/shared/crypto"
"github.com/drone/drone/shared/token" "github.com/drone/drone/shared/token"
"github.com/drone/drone/store" "github.com/drone/drone/store"
) )
@ -88,6 +89,23 @@ func PostToken(c *gin.Context) {
c.String(http.StatusOK, tokenstr) c.String(http.StatusOK, tokenstr)
} }
func DeleteToken(c *gin.Context) {
user := session.User(c)
user.Hash = crypto.Rand()
if err := store.UpdateUser(c, user); err != nil {
c.String(500, "Error revoking tokens. %s", err)
return
}
token := token.New(token.UserToken, user.Login)
tokenstr, err := token.Sign(user.Hash)
if err != nil {
c.AbortWithError(http.StatusInternalServerError, err)
return
}
c.String(http.StatusOK, tokenstr)
}
// swagger:response user // swagger:response user
type userResp struct { type userResp struct {
// in: body // in: body

View file

@ -68,6 +68,7 @@ func Load(middleware ...gin.HandlerFunc) http.Handler {
user.GET("/repos", api.GetRepos) user.GET("/repos", api.GetRepos)
user.GET("/repos/remote", api.GetRemoteRepos) user.GET("/repos/remote", api.GetRemoteRepos)
user.POST("/token", api.PostToken) user.POST("/token", api.PostToken)
user.DELETE("/token", api.DeleteToken)
} }
users := e.Group("/api/users") users := e.Group("/api/users")