49 lines
1.3 KiB
Go
49 lines
1.3 KiB
Go
package model
|
|
|
|
import (
|
|
"database/sql"
|
|
"net"
|
|
"time"
|
|
|
|
"github.com/google/uuid"
|
|
)
|
|
|
|
const (
|
|
OTPIntentElevateUserSession = "eus"
|
|
)
|
|
|
|
// NewOneTimePassword returns a new OneTimePassword.
|
|
func NewOneTimePassword(publicID uuid.UUID, username, intent string, iat time.Time, expiration time.Duration, ip net.IP, value []byte) (otp OneTimePassword) {
|
|
return OneTimePassword{
|
|
PublicID: publicID,
|
|
IssuedAt: iat,
|
|
ExpiresAt: iat.Add(expiration),
|
|
Username: username,
|
|
Intent: intent,
|
|
IssuedIP: NewIP(ip),
|
|
Password: value,
|
|
}
|
|
}
|
|
|
|
// OneTimePassword represents special one time passwords stored in the database.
|
|
type OneTimePassword struct {
|
|
ID int `db:"id"`
|
|
PublicID uuid.UUID `db:"public_id"`
|
|
Signature string `db:"signature"`
|
|
IssuedAt time.Time `db:"iat"`
|
|
IssuedIP IP `db:"issued_ip"`
|
|
ExpiresAt time.Time `db:"exp"`
|
|
Username string `db:"username"`
|
|
Intent string `db:"intent"`
|
|
Consumed sql.NullTime `db:"consumed"`
|
|
ConsumedIP NullIP `db:"consumed_ip"`
|
|
Revoked sql.NullTime `db:"revoked"`
|
|
RevokedIP NullIP `db:"revoked_ip"`
|
|
Password []byte `db:"password"`
|
|
}
|
|
|
|
func (otp *OneTimePassword) Consume(at time.Time, ip net.IP) {
|
|
otp.Consumed = sql.NullTime{Valid: true, Time: at}
|
|
otp.ConsumedIP = NewNullIP(ip)
|
|
}
|