diff options
author | 6543 <6543@obermui.de> | 2020-04-13 21:02:48 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2020-04-13 22:02:48 +0300 |
commit | ad5c43ae5d90dc92a5ce173894c72b5f6c248bc0 (patch) | |
tree | 7e19d9bd69dc739190d6c5f8cbead58a34c4b85e /models/token.go | |
parent | 980ef242519ff02d7c66f7ceac5b7d731bb9c1ec (diff) | |
download | gitea-ad5c43ae5d90dc92a5ce173894c72b5f6c248bc0.tar.gz gitea-ad5c43ae5d90dc92a5ce173894c72b5f6c248bc0.zip |
Reject duplicate AccessToken names (#10994)
* make sure duplicate token names cannot be used
* add check to api routes too
* add @lunny s suggestion
* fix & don't forget User.ID
* AccessTokenByNameExists() return error too
* unique token for each test
* fix lint
Signed-off-by: 6543 <6543@obermui.de>
Co-authored-by: Lanre Adelowo <yo@lanre.wtf>
Diffstat (limited to 'models/token.go')
-rw-r--r-- | models/token.go | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/models/token.go b/models/token.go index 7ad9d41676..71a9f0975f 100644 --- a/models/token.go +++ b/models/token.go @@ -77,6 +77,11 @@ func GetAccessTokenBySHA(token string) (*AccessToken, error) { return nil, ErrAccessTokenNotExist{token} } +// AccessTokenByNameExists checks if a token name has been used already by a user. +func AccessTokenByNameExists(token *AccessToken) (bool, error) { + return x.Table("access_token").Where("name = ?", token.Name).And("uid = ?", token.UID).Exist() +} + // ListAccessTokens returns a list of access tokens belongs to given user. func ListAccessTokens(uid int64, listOptions ListOptions) ([]*AccessToken, error) { sess := x. |