mirror of
https://github.com/mattermost/mattermost.git
synced 2026-02-03 20:40:00 -05:00
edb05c7ea5
Some checks are pending
API / build (push) Waiting to run
Server CI / Compute Go Version (push) Waiting to run
Server CI / Check mocks (push) Blocked by required conditions
Server CI / Check go mod tidy (push) Blocked by required conditions
Server CI / check-style (push) Blocked by required conditions
Server CI / Check serialization methods for hot structs (push) Blocked by required conditions
Server CI / Vet API (push) Blocked by required conditions
Server CI / Check migration files (push) Blocked by required conditions
Server CI / Generate email templates (push) Blocked by required conditions
Server CI / Check store layers (push) Blocked by required conditions
Server CI / Check mmctl docs (push) Blocked by required conditions
Server CI / Postgres with binary parameters (push) Blocked by required conditions
Server CI / Postgres (push) Blocked by required conditions
Server CI / Postgres (FIPS) (push) Blocked by required conditions
Server CI / Generate Test Coverage (push) Blocked by required conditions
Server CI / Run mmctl tests (push) Blocked by required conditions
Server CI / Run mmctl tests (FIPS) (push) Blocked by required conditions
Server CI / Build mattermost server app (push) Blocked by required conditions
Web App CI / check-lint (push) Waiting to run
Web App CI / check-i18n (push) Waiting to run
Web App CI / check-types (push) Waiting to run
Web App CI / test (push) Waiting to run
Web App CI / build (push) Waiting to run
* Add EasyLogin configuration (#34217) * add easy login config * add easy login to the invite modal * add to the query parameters * Add an API to get login method for the login id (#34223) * add an api to get login method for the login id * do not return errors if user is not found * Add support for Easy Login invitation link sending (#34224) This generates Easy Login token types when requested. The server doesn't do anything with these tokens, yet - that will come in a future change. * Add support for logging in with easy login (#34236) * Fix E2E tests (#34240) * Prevent easy login accounts to reset their password (#34262) * Add easy login support to login api and limit token to 5 min (#34259) * webapp easy login ui mods (#34237) * webapp easy login ui mods * easy login i18n * lint issues * getUserLoginType * using the real API * easylogin proper redirect * remove unneeded functions and files * duplicated localization * remove easylogin * using EnableEasyLogin setting * localization fix * fix lint issue * remove excessive setIsWaiting * changed logic to make it more readable * renaming component to make easier editable * password will disappear when username change * login test * text for easy login password * Add app links to emails * Update templates and always land in the landing screen * Update svg image, improve checks on server, fix linking page and show deactivated on login type * Update naming * Fix mocks and imports * Remove all sessions on disable and forbid user promotion * Fix layer and tests * Address feedback * Fix tests * Fix missing string * Fix texts * Fix tests * Fix constant name * Fix tests * Fix test * Address feedback * Fix lint * Fix test * Address feedback * Fix test --------- Co-authored-by: Ibrahim Serdar Acikgoz <serdaracikgoz86@gmail.com> Co-authored-by: David Krauser <david@krauser.org> Co-authored-by: Daniel Espino <larkox@gmail.com> Co-authored-by: Mattermost Build <build@mattermost.com>
89 lines
2.5 KiB
Go
89 lines
2.5 KiB
Go
// Copyright (c) 2015-present Mattermost, Inc. All Rights Reserved.
|
|
// See LICENSE.txt for license information.
|
|
|
|
package model
|
|
|
|
import (
|
|
"net/http"
|
|
)
|
|
|
|
const (
|
|
TokenSize = 64
|
|
MaxTokenExipryTime = 1000 * 60 * 60 * 48 // 48 hour
|
|
PasswordRecoverExpiryTime = 1000 * 60 * 60 * 24 // 24 hours
|
|
InvitationExpiryTime = 1000 * 60 * 60 * 48 // 48 hours
|
|
MagicLinkExpiryTime = 1000 * 60 * 5 // 5 minutes
|
|
|
|
TokenTypePasswordRecovery = "password_recovery"
|
|
TokenTypeVerifyEmail = "verify_email"
|
|
TokenTypeTeamInvitation = "team_invitation"
|
|
TokenTypeGuestInvitation = "guest_invitation"
|
|
TokenTypeCWSAccess = "cws_access_token"
|
|
TokenTypeGuestMagicLinkInvitation = "guest_magic_link_invitation"
|
|
TokenTypeGuestMagicLink = "guest_magic_link"
|
|
|
|
TokenTypeOAuth = "oauth"
|
|
TokenTypeSaml = "saml"
|
|
TokenTypeSSOCodeExchange = "sso-code-exchange"
|
|
)
|
|
|
|
type Token struct {
|
|
Token string
|
|
CreateAt int64
|
|
Type string
|
|
Extra string
|
|
}
|
|
|
|
func NewToken(tokentype, extra string) *Token {
|
|
return &Token{
|
|
Token: NewRandomString(TokenSize),
|
|
CreateAt: GetMillis(),
|
|
Type: tokentype,
|
|
Extra: extra,
|
|
}
|
|
}
|
|
|
|
func (t *Token) IsValid() *AppError {
|
|
if len(t.Token) != TokenSize {
|
|
return NewAppError("Token.IsValid", "model.token.is_valid.size", nil, "", http.StatusInternalServerError)
|
|
}
|
|
|
|
if t.CreateAt == 0 {
|
|
return NewAppError("Token.IsValid", "model.token.is_valid.expiry", nil, "", http.StatusInternalServerError)
|
|
}
|
|
|
|
return nil
|
|
}
|
|
|
|
// IsExpired checks if the token is expired based on the token type and expiry time
|
|
// If the token is nil, it returns true
|
|
func (t *Token) IsExpired() bool {
|
|
if t == nil {
|
|
return true
|
|
}
|
|
|
|
var expiryTime int64 = MaxTokenExipryTime
|
|
switch t.Type {
|
|
case TokenTypeGuestMagicLink:
|
|
expiryTime = MagicLinkExpiryTime
|
|
case TokenTypeGuestMagicLinkInvitation:
|
|
expiryTime = InvitationExpiryTime
|
|
case TokenTypePasswordRecovery:
|
|
expiryTime = PasswordRecoverExpiryTime
|
|
case TokenTypeVerifyEmail:
|
|
expiryTime = PasswordRecoverExpiryTime
|
|
case TokenTypeTeamInvitation:
|
|
expiryTime = InvitationExpiryTime
|
|
case TokenTypeGuestInvitation:
|
|
expiryTime = InvitationExpiryTime
|
|
}
|
|
return GetMillis() > (t.CreateAt + expiryTime)
|
|
}
|
|
|
|
func (t *Token) IsGuestMagicLink() bool {
|
|
return t.Type == TokenTypeGuestMagicLink || t.Type == TokenTypeGuestMagicLinkInvitation
|
|
}
|
|
|
|
func (t *Token) IsInvitationToken() bool {
|
|
return t.Type == TokenTypeTeamInvitation || t.Type == TokenTypeGuestInvitation || t.Type == TokenTypeGuestMagicLinkInvitation
|
|
}
|