[feature] Refactor tokens, allow multiple app redirect_uris (#3849)

* [feature] Refactor tokens, allow multiple app redirect_uris * move + tweak handlers a bit * return error for unset oauth2.ClientStore funcs * wrap UpdateToken with cache * panic handling * cheeky little time optimization * unlock on error
author: tobi <31960611+tsmethurst@users.noreply.github.com> 2025-03-03 16:03:36 +0100
committer: GitHub <noreply@github.com> 2025-03-03 15:03:36 +0000
commit: 1b37944f8b8eccc2afcfb0f603786209a3b7402d (patch)
tree: 2bc0be27cf0405e16ac3e14efc3b6973eb096b8b /internal/gtsmodel/token.go
parent: bumps go-ffmpreg to v0.6.6 (#3866) (diff)
download: gotosocial-1b37944f8b8eccc2afcfb0f603786209a3b7402d.tar.xz
1 files changed, 17 insertions, 18 deletions
diff --git a/internal/gtsmodel/token.go b/internal/gtsmodel/token.go
index 0586ae68a..6fe944290 100644
--- a/internal/gtsmodel/token.go
+++ b/internal/gtsmodel/token.go
@@ -22,22 +22,21 @@ import "time"
 // Token is a translation of the gotosocial token
 // with the ExpiresIn fields replaced with ExpiresAt.
 type Token struct {
-	ID                  string    `bun:"type:CHAR(26),pk,nullzero,notnull,unique"`                    // id of this item in the database
-	CreatedAt           time.Time `bun:"type:timestamptz,nullzero,notnull,default:current_timestamp"` // when was item created
-	UpdatedAt           time.Time `bun:"type:timestamptz,nullzero,notnull,default:current_timestamp"` // when was item last updated
-	ClientID            string    `bun:"type:CHAR(26),nullzero,notnull"`                              // ID of the client who owns this token
-	UserID              string    `bun:"type:CHAR(26),nullzero"`                                      // ID of the user who owns this token
-	RedirectURI         string    `bun:",nullzero,notnull"`                                           // Oauth redirect URI for this token
-	Scope               string    `bun:",notnull"`                                                    // Oauth scope
-	Code                string    `bun:",pk,nullzero,notnull,default:''"`                             // Code, if present
-	CodeChallenge       string    `bun:",nullzero"`                                                   // Code challenge, if code present
-	CodeChallengeMethod string    `bun:",nullzero"`                                                   // Code challenge method, if code present
-	CodeCreateAt        time.Time `bun:"type:timestamptz,nullzero"`                                   // Code created time, if code present
-	CodeExpiresAt       time.Time `bun:"type:timestamptz,nullzero"`                                   // Code expires at -- null means the code never expires
-	Access              string    `bun:",pk,nullzero,notnull,default:''"`                             // User level access token, if present
-	AccessCreateAt      time.Time `bun:"type:timestamptz,nullzero"`                                   // User level access token created time, if access present
-	AccessExpiresAt     time.Time `bun:"type:timestamptz,nullzero"`                                   // User level access token expires at -- null means the token never expires
-	Refresh             string    `bun:",pk,nullzero,notnull,default:''"`                             // Refresh token, if present
-	RefreshCreateAt     time.Time `bun:"type:timestamptz,nullzero"`                                   // Refresh created at, if refresh present
-	RefreshExpiresAt    time.Time `bun:"type:timestamptz,nullzero"`                                   // Refresh expires at -- null means the refresh token never expires
+	ID                  string    `bun:"type:CHAR(26),pk,nullzero,notnull,unique"` // id of this item in the database
+	LastUsed            time.Time `bun:"type:timestamptz,nullzero"`                // approximate time when this token was last used
+	ClientID            string    `bun:"type:CHAR(26),nullzero,notnull"`           // ID of the client who owns this token
+	UserID              string    `bun:"type:CHAR(26),nullzero"`                   // ID of the user who owns this token
+	RedirectURI         string    `bun:",nullzero,notnull"`                        // Oauth redirect URI for this token
+	Scope               string    `bun:",nullzero,notnull,default:'read'"`         // Oauth scope                                // Oauth scope
+	Code                string    `bun:",pk,nullzero,notnull,default:''"`          // Code, if present
+	CodeChallenge       string    `bun:",nullzero"`                                // Code challenge, if code present
+	CodeChallengeMethod string    `bun:",nullzero"`                                // Code challenge method, if code present
+	CodeCreateAt        time.Time `bun:"type:timestamptz,nullzero"`                // Code created time, if code present
+	CodeExpiresAt       time.Time `bun:"type:timestamptz,nullzero"`                // Code expires at -- null means the code never expires
+	Access              string    `bun:",pk,nullzero,notnull,default:''"`          // User level access token, if present
+	AccessCreateAt      time.Time `bun:"type:timestamptz,nullzero"`                // User level access token created time, if access present
+	AccessExpiresAt     time.Time `bun:"type:timestamptz,nullzero"`                // User level access token expires at -- null means the token never expires
+	Refresh             string    `bun:",pk,nullzero,notnull,default:''"`          // Refresh token, if present
+	RefreshCreateAt     time.Time `bun:"type:timestamptz,nullzero"`                // Refresh created at, if refresh present
+	RefreshExpiresAt    time.Time `bun:"type:timestamptz,nullzero"`                // Refresh expires at -- null means the refresh token never expires
 }
author	tobi <31960611+tsmethurst@users.noreply.github.com>	2025-03-03 16:03:36 +0100
committer	GitHub <noreply@github.com>	2025-03-03 15:03:36 +0000
commit	1b37944f8b8eccc2afcfb0f603786209a3b7402d (patch)
tree	2bc0be27cf0405e16ac3e14efc3b6973eb096b8b /internal/gtsmodel/token.go
parent	bumps go-ffmpreg to v0.6.6 (#3866) (diff)
download	gotosocial-1b37944f8b8eccc2afcfb0f603786209a3b7402d.tar.xz