code.gitea.io/gitea@v1.22.3/cmd/admin_user_generate_access_token.go

code.gitea.io/gitea@v1.22.3/cmd/admin_user_generate_access_token.go (about)

     1  // Copyright 2023 The Gitea Authors. All rights reserved.
     2  // SPDX-License-Identifier: MIT
     3  
     4  package cmd
     5  
     6  import (
     7  	"errors"
     8  	"fmt"
     9  
    10  	auth_model "code.gitea.io/gitea/models/auth"
    11  	user_model "code.gitea.io/gitea/models/user"
    12  
    13  	"github.com/urfave/cli/v2"
    14  )
    15  
    16  var microcmdUserGenerateAccessToken = &cli.Command{
    17  	Name:  "generate-access-token",
    18  	Usage: "Generate an access token for a specific user",
    19  	Flags: []cli.Flag{
    20  		&cli.StringFlag{
    21  			Name:    "username",
    22  			Aliases: []string{"u"},
    23  			Usage:   "Username",
    24  		},
    25  		&cli.StringFlag{
    26  			Name:    "token-name",
    27  			Aliases: []string{"t"},
    28  			Usage:   "Token name",
    29  			Value:   "gitea-admin",
    30  		},
    31  		&cli.BoolFlag{
    32  			Name:  "raw",
    33  			Usage: "Display only the token value",
    34  		},
    35  		&cli.StringFlag{
    36  			Name:  "scopes",
    37  			Value: "",
    38  			Usage: "Comma separated list of scopes to apply to access token",
    39  		},
    40  	},
    41  	Action: runGenerateAccessToken,
    42  }
    43  
    44  func runGenerateAccessToken(c *cli.Context) error {
    45  	if !c.IsSet("username") {
    46  		return errors.New("You must provide a username to generate a token for")
    47  	}
    48  
    49  	ctx, cancel := installSignals()
    50  	defer cancel()
    51  
    52  	if err := initDB(ctx); err != nil {
    53  		return err
    54  	}
    55  
    56  	user, err := user_model.GetUserByName(ctx, c.String("username"))
    57  	if err != nil {
    58  		return err
    59  	}
    60  
    61  	// construct token with name and user so we can make sure it is unique
    62  	t := &auth_model.AccessToken{
    63  		Name: c.String("token-name"),
    64  		UID:  user.ID,
    65  	}
    66  
    67  	exist, err := auth_model.AccessTokenByNameExists(ctx, t)
    68  	if err != nil {
    69  		return err
    70  	}
    71  	if exist {
    72  		return errors.New("access token name has been used already")
    73  	}
    74  
    75  	// make sure the scopes are valid
    76  	accessTokenScope, err := auth_model.AccessTokenScope(c.String("scopes")).Normalize()
    77  	if err != nil {
    78  		return fmt.Errorf("invalid access token scope provided: %w", err)
    79  	}
    80  	t.Scope = accessTokenScope
    81  
    82  	// create the token
    83  	if err := auth_model.NewAccessToken(ctx, t); err != nil {
    84  		return err
    85  	}
    86  
    87  	if c.Bool("raw") {
    88  		fmt.Printf("%s\n", t.Token)
    89  	} else {
    90  		fmt.Printf("Access token was successfully created: %s\n", t.Token)
    91  	}
    92  
    93  	return nil
    94  }