github.com/go-kivik/kivik/v4@v4.3.2/x/kivikd/cookies.go

github.com/go-kivik/kivik/v4@v4.3.2/x/kivikd/cookies.go (about)

     1  // Licensed under the Apache License, Version 2.0 (the "License"); you may not
     2  // use this file except in compliance with the License. You may obtain a copy of
     3  // the License at
     4  //
     5  //  http://www.apache.org/licenses/LICENSE-2.0
     6  //
     7  // Unless required by applicable law or agreed to in writing, software
     8  // distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
     9  // WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
    10  // License for the specific language governing permissions and limitations under
    11  // the License.
    12  
    13  //go:build !js
    14  
    15  package kivikd
    16  
    17  import (
    18  	"github.com/go-kivik/kivik/v4/x/kivikd/authdb"
    19  	"github.com/go-kivik/kivik/v4/x/kivikd/cookies"
    20  )
    21  
    22  // CreateAuthToken hashes a user name, salt, timestamp, and the server secret
    23  // into an authentication token.
    24  func (s *Service) CreateAuthToken(name, salt string, time int64) (string, error) {
    25  	secret := s.getAuthSecret()
    26  	return authdb.CreateAuthToken(name, salt, secret, time), nil
    27  }
    28  
    29  // ValidateCookie validates a cookie against a user context.
    30  func (s *Service) ValidateCookie(user *authdb.UserContext, cookie string) (bool, error) {
    31  	name, t, err := cookies.DecodeCookie(cookie)
    32  	if err != nil {
    33  		return false, err
    34  	}
    35  	token, err := s.CreateAuthToken(name, user.Salt, t)
    36  	if err != nil {
    37  		return false, err
    38  	}
    39  	return token == cookie, nil
    40  }