return err
}
- accessTokenScope, err := auth_model.AccessTokenScope(c.String("scopes")).Normalize()
+ // construct token with name and user so we can make sure it is unique
+ t := &auth_model.AccessToken{
+ Name: c.String("token-name"),
+ UID: user.ID,
+ }
+
+ exist, err := auth_model.AccessTokenByNameExists(t)
if err != nil {
return err
}
+ if exist {
+ return fmt.Errorf("access token name has been used already")
+ }
- t := &auth_model.AccessToken{
- Name: c.String("token-name"),
- UID: user.ID,
- Scope: accessTokenScope,
+ // make sure the scopes are valid
+ accessTokenScope, err := auth_model.AccessTokenScope(c.String("scopes")).Normalize()
+ if err != nil {
+ return fmt.Errorf("invalid access token scope provided: %w", err)
}
+ t.Scope = accessTokenScope
+ // create the token
if err := auth_model.NewAccessToken(t); err != nil {
return err
}
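Review bot: The name check `AccessTokenByNameExists(t)` and the later `NewAccessToken(t)` are two separate calls, so a token with the same name and UID created by another process in between would still be inserted, unless the model layer or a database constraint enforces uniqueness, which this hunk does not show. I would either run both calls in one transaction or document the gap above the create call, e.g. `// NOTE: the name check above is not atomic with this insert; duplicates are only prevented if the DB enforces uniqueness`. The error from the existence check is also returned bare while the scope error is wrapped; `return fmt.Errorf("checking access token name: %w", err)` would keep the two consistent. The enclosing function starts and ends outside the hunk.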