netbird/management/server/personal_access_token.go

package server

import (
	"crypto/sha256"
	"fmt"
	"hash/crc32"
	"math/rand"
	"time"

	"codeberg.org/ac/base62"
	"github.com/rs/xid"
)

type PersonalAccessToken struct {
	ID             string
	Description    string
	HashedToken    [32]byte
	ExpirationDate time.Time
	// scope could be added in future
	CreatedBy string
	CreatedAt time.Time
	LastUsed  time.Time
}

func CreateNewPAT(description string, expirationInDays int, createdBy string) (*PersonalAccessToken, string) {
	hashedToken, plainToken := generateNewToken()
	currentTime := time.Now().UTC()
	return &PersonalAccessToken{
		ID:             xid.New().String(),
		Description:    description,
		HashedToken:    hashedToken,
		ExpirationDate: currentTime.AddDate(0, 0, expirationInDays),
		CreatedBy:      createdBy,
		CreatedAt:      currentTime,
		LastUsed:       currentTime,
	}, plainToken
}

func generateNewToken() ([32]byte, string) {
	secret := randStringRunes(30)

	checksum := crc32.ChecksumIEEE([]byte(secret))
	encodedChecksum := base62.Encode(checksum)
	paddedChecksum := fmt.Sprintf("%06s", encodedChecksum)
	plainToken := "nbp_" + secret + paddedChecksum
	hashedToken := sha256.Sum256([]byte(plainToken))
	return hashedToken, plainToken
}

var letterRunes = []rune("abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789")

func randStringRunes(n int) string {
	b := make([]rune, n)
	for i := range b {
		b[i] = letterRunes[rand.Intn(len(letterRunes))]
	}
	return string(b)
}
add generating token (only frame for now, actual token is only dummy) 2023-03-01 20:12:04 +01:00			`package server`

			`import (`
			`"crypto/sha256"`
			`"fmt"`
			`"hash/crc32"`
			`"math/rand"`
			`"time"`

			`"codeberg.org/ac/base62"`
add id to the PAT 2023-03-02 16:19:31 +01:00			`"github.com/rs/xid"`
add generating token (only frame for now, actual token is only dummy) 2023-03-01 20:12:04 +01:00			`)`

			`type PersonalAccessToken struct {`
add id to the PAT 2023-03-02 16:19:31 +01:00			`ID string`
add generating token (only frame for now, actual token is only dummy) 2023-03-01 20:12:04 +01:00			`Description string`
			`HashedToken [32]byte`
			`ExpirationDate time.Time`
			`// scope could be added in future`
updated PAT struct to only use user id instead of user 2023-03-03 16:37:39 +01:00			`CreatedBy string`
add generating token (only frame for now, actual token is only dummy) 2023-03-01 20:12:04 +01:00			`CreatedAt time.Time`
			`LastUsed time.Time`
			`}`

updated PAT struct to only use user id instead of user 2023-03-03 16:37:39 +01:00			`func CreateNewPAT(description string, expirationInDays int, createdBy string) (*PersonalAccessToken, string) {`
add generating token (only frame for now, actual token is only dummy) 2023-03-01 20:12:04 +01:00			`hashedToken, plainToken := generateNewToken()`
			`currentTime := time.Now().UTC()`
			`return &PersonalAccessToken{`
add id to the PAT 2023-03-02 16:19:31 +01:00			`ID: xid.New().String(),`
add generating token (only frame for now, actual token is only dummy) 2023-03-01 20:12:04 +01:00			`Description: description,`
			`HashedToken: hashedToken,`
			`ExpirationDate: currentTime.AddDate(0, 0, expirationInDays),`
			`CreatedBy: createdBy,`
			`CreatedAt: currentTime,`
fixed some namings 2023-03-06 13:49:07 +01:00			`LastUsed: currentTime,`
add generating token (only frame for now, actual token is only dummy) 2023-03-01 20:12:04 +01:00			`}, plainToken`
			`}`

			`func generateNewToken() ([32]byte, string) {`
fixed some namings 2023-03-06 13:51:32 +01:00			`secret := randStringRunes(30)`
add generating token (only frame for now, actual token is only dummy) 2023-03-01 20:12:04 +01:00
fixed some namings 2023-03-06 13:51:32 +01:00			`checksum := crc32.ChecksumIEEE([]byte(secret))`
add generating token (only frame for now, actual token is only dummy) 2023-03-01 20:12:04 +01:00			`encodedChecksum := base62.Encode(checksum)`
			`paddedChecksum := fmt.Sprintf("%06s", encodedChecksum)`
fixed some namings 2023-03-06 13:51:32 +01:00			`plainToken := "nbp_" + secret + paddedChecksum`
add generating token (only frame for now, actual token is only dummy) 2023-03-01 20:12:04 +01:00			`hashedToken := sha256.Sum256([]byte(plainToken))`
			`return hashedToken, plainToken`
			`}`

			`var letterRunes = []rune("abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789")`

			`func randStringRunes(n int) string {`
			`b := make([]rune, n)`
			`for i := range b {`
			`b[i] = letterRunes[rand.Intn(len(letterRunes))]`
			`}`
			`return string(b)`
			`}`