From 6ad8bddabf24860ba8c8318e6d83b33ddc1916b5 Mon Sep 17 00:00:00 2001
From: Jason Song
Date: Wed, 23 Nov 2022 14:24:13 +0800
Subject: [PATCH] feat: GetRunningTaskByToken
---
 models/bots/task.go | 6 +++---
 models/migrations/v-dev.go | 2 +-
 services/auth/basic.go | 13 +++++--------
 services/auth/oauth2.go | 13 +++++--------
 4 files changed, 14 insertions(+), 20 deletions(-)
diff --git a/models/bots/task.go b/models/bots/task.go
index 1fb136e1fe..3e01908078 100644
--- a/models/bots/task.go
+++ b/models/bots/task.go
@@ -50,7 +50,7 @@ type Task struct {
 Token string `xorm:"-"`
 TokenHash string `xorm:"UNIQUE"` // sha256 of token
 TokenSalt string
- TokenLastEight string `xorm:"token_last_eight"`
+ TokenLastEight string `xorm:"index token_last_eight"`
 LogFilename string // file name of log
 LogInStorage bool // read log from database or from storage
@@ -237,7 +237,7 @@ func GetTaskByID(ctx context.Context, id int64) (*Task, error) {
 return &task, nil
 }
-func GetTaskByToken(ctx context.Context, token string) (*Task, error) {
+func GetRunningTaskByToken(ctx context.Context, token string) (*Task, error) {
 errNotExist := fmt.Errorf("task with token %q: %w", token, util.ErrNotExist)
 if token == "" {
 return nil, errNotExist
@@ -270,7 +270,7 @@ func GetTaskByToken(ctx context.Context, token string) (*Task, error) {
 }
 var tasks []*Task
- err := db.GetEngine(ctx).Where("token_last_eight = ?", lastEight).Find(&tasks)
+ err := db.GetEngine(ctx).Where("token_last_eight = ? AND status = ?", lastEight, StatusRunning).Find(&tasks)
 if err != nil {
 return nil, err
 } else if len(tasks) == 0 {
diff --git a/models/migrations/v-dev.go b/models/migrations/v-dev.go
index 485b012f92..519e9051db 100644
--- a/models/migrations/v-dev.go
+++ b/models/migrations/v-dev.go
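Review bot: The unchanged first statement of the renamed `GetRunningTaskByToken` in models/bots/task.go, `errNotExist := fmt.Errorf("task with token %q: %w", token, util.ErrNotExist)`, writes the full bearer token into the error text. The two callers touched by this patch discard the error, but any caller that logs or returns it would put a credential (a task token, or whatever value a client sent in its place) into logs or responses. Dropping the value from the message avoids that: `errNotExist := fmt.Errorf("task token: %w", util.ErrNotExist)`. The function body continues outside this hunk.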
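Review bot: `GetRunningTaskByToken` is exported without a doc comment, and with `status = ?` added to the `Where` clause in the `@@ -270` hunk of models/bots/task.go its contract has changed: a token that belongs to a task in any status other than `StatusRunning` now presumably takes the same `len(tasks) == 0` path as an unknown token. Callers use this function as an authentication check, so the declaration (in the earlier hunk) should say so, e.g. `// GetRunningTaskByToken returns the running task that owns token; a token of a task in any other status is reported as util.ErrNotExist.` How the candidate rows are matched against `TokenHash` lies outside the hunk.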
@@ -115,7 +115,7 @@ func addBotTables(x *xorm.Engine) error {
 TokenHash string `xorm:"UNIQUE"` // sha256 of token
 TokenSalt string
- TokenLastEight string `xorm:"token_last_eight"`
+ TokenLastEight string `xorm:"index token_last_eight"`
 LogFilename string // file name of log
 LogInStorage bool // read log from database or from storage
diff --git a/services/auth/basic.go b/services/auth/basic.go
index 1849ed8c77..a988b84590 100644
--- a/services/auth/basic.go
+++ b/services/auth/basic.go
@@ -110,17 +110,14 @@ func (b *Basic) Verify(req *http.Request, w http.ResponseWriter, store DataStore
 }
 // check task token
- task, err := bots_model.GetTaskByToken(db.DefaultContext, authToken)
+ task, err := bots_model.GetRunningTaskByToken(db.DefaultContext, authToken)
 if err == nil && task != nil {
- if task.Status.IsRunning() {
- log.Trace("Basic Authorization: Valid AccessToken for task[%d]", task.ID)
+ log.Trace("Basic Authorization: Valid AccessToken for task[%d]", task.ID)
- store.GetData()["IsBotToken"] = true
- store.GetData()["BotTaskID"] = task.ID
+ store.GetData()["IsBotToken"] = true
+ store.GetData()["BotTaskID"] = task.ID
- return user_model.NewBotUser()
- }
- log.Warn("task %v status is %v but auth request sent: %v", task.ID, task.Status, req.RemoteAddr)
+ return user_model.NewBotUser()
 }
 if !setting.Service.EnableBasicAuth {
diff --git a/services/auth/oauth2.go b/services/auth/oauth2.go
index 7571a7ff62..b7c54f4f91 100644
--- a/services/auth/oauth2.go
+++ b/services/auth/oauth2.go
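Review bot: The `index` tag in models/migrations/v-dev.go is added by editing the struct inside the existing `addBotTables` migration, not by a new migration step, so it can only take effect where `addBotTables` has not run yet. If any database has already applied this dev migration, its `token_last_eight` column would presumably stay unindexed while the model in models/bots/task.go claims an index. A short comment such as `// v-dev is re-run from scratch until release; no follow-up migration needed` (if that is the intent) or a separate migration would settle it. How the struct is handed to the engine is outside the hunk.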
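Review bot: Removing the `task.Status.IsRunning()` branch from `Basic.Verify` in services/auth/basic.go also removes the `log.Warn` that recorded a non-running task's token being presented from `req.RemoteAddr`. Reuse of a finished task's token is now indistinguishable from an unknown token and leaves no log line. If that detection signal is still wanted, it has to be emitted where the status is known, for example by having the lookup report a match on a non-running task. Separately, `if err == nil && task != nil` drops every lookup error, so a database failure silently falls through to the next auth method. A guard like `else if err != nil && !errors.Is(err, util.ErrNotExist) { log.Error("GetRunningTaskByToken: %v", err) }` would surface it, assuming `errors` and `util` are available in this file. Both points apply equally to the matching hunk in services/auth/oauth2.go; `Verify` starts and ends outside this hunk.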
@@ -95,17 +95,14 @@ func (o *OAuth2) userIDFromToken(req *http.Request, store DataStore) int64 {
 if err != nil {
 if auth_model.IsErrAccessTokenNotExist(err) {
 // check task token
- task, err := bots_model.GetTaskByToken(db.DefaultContext, tokenSHA)
+ task, err := bots_model.GetRunningTaskByToken(db.DefaultContext, tokenSHA)
 if err == nil && task != nil {
- if task.Status.IsRunning() {
- log.Trace("Basic Authorization: Valid AccessToken for task[%d]", task.ID)
+ log.Trace("Basic Authorization: Valid AccessToken for task[%d]", task.ID)
- store.GetData()["IsBotToken"] = true
- store.GetData()["BotTaskID"] = task.ID
+ store.GetData()["IsBotToken"] = true
+ store.GetData()["BotTaskID"] = task.ID
- return user_model.BotUserID
- }
- log.Warn("task %v status is %v but auth request sent: %v", task.ID, task.Status, req.RemoteAddr)
+ return user_model.BotUserID
 }
 } else if !auth_model.IsErrAccessTokenNotExist(err) && !auth_model.IsErrAccessTokenEmpty(err) {
 log.Error("GetAccessTokenBySHA: %v", err)
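Review bot: The trace line re-indented in `userIDFromToken` still reads `"Basic Authorization: Valid AccessToken for task[%d]"`, which mislabels the authentication method on the OAuth2 path and makes auth logs harder to correlate. Since the line is touched anyway, `log.Trace("OAuth2 Authorization: Valid task token for task[%d]", task.ID)` would keep the two paths distinguishable. The argument passed to `GetRunningTaskByToken` is named `tokenSHA` while the callee's parameter is `token`; a one-line comment stating whether this is the raw bearer value or a digest would help, since that cannot be told from the hunk. `userIDFromToken` continues outside this hunk.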