summaryrefslogtreecommitdiffstats
path: root/models/token.go
diff options
context:
space:
mode:
author6543 <6543@obermui.de>2020-04-13 21:02:48 +0200
committerGitHub <noreply@github.com>2020-04-13 22:02:48 +0300
commitad5c43ae5d90dc92a5ce173894c72b5f6c248bc0 (patch)
tree7e19d9bd69dc739190d6c5f8cbead58a34c4b85e /models/token.go
parent980ef242519ff02d7c66f7ceac5b7d731bb9c1ec (diff)
downloadgitea-ad5c43ae5d90dc92a5ce173894c72b5f6c248bc0.tar.gz
gitea-ad5c43ae5d90dc92a5ce173894c72b5f6c248bc0.zip
Reject duplicate AccessToken names (#10994)
* make sure duplicate token names cannot be used * add check to api routes too * add @lunny s suggestion * fix & don't forget User.ID * AccessTokenByNameExists() return error too * unique token for each test * fix lint Signed-off-by: 6543 <6543@obermui.de> Co-authored-by: Lanre Adelowo <yo@lanre.wtf>
Diffstat (limited to 'models/token.go')
-rw-r--r--models/token.go5
1 files changed, 5 insertions, 0 deletions
diff --git a/models/token.go b/models/token.go
index 7ad9d41676..71a9f0975f 100644
--- a/models/token.go
+++ b/models/token.go
@@ -77,6 +77,11 @@ func GetAccessTokenBySHA(token string) (*AccessToken, error) {
return nil, ErrAccessTokenNotExist{token}
}
+// AccessTokenByNameExists checks if a token name has been used already by a user.
+func AccessTokenByNameExists(token *AccessToken) (bool, error) {
+ return x.Table("access_token").Where("name = ?", token.Name).And("uid = ?", token.UID).Exist()
+}
+
// ListAccessTokens returns a list of access tokens belongs to given user.
func ListAccessTokens(uid int64, listOptions ListOptions) ([]*AccessToken, error) {
sess := x.