53 lines
1.4 KiB
53 lines
1.4 KiB
package models |
|
|
|
import ( |
|
"time" |
|
|
|
log "github.com/sirupsen/logrus" |
|
) |
|
|
|
const ( |
|
// ScopeCanSendUserMessages will allow sending chat messages as users. |
|
ScopeCanSendUserMessages = "CAN_SEND_MESSAGES" |
|
// ScopeCanSendSystemMessages will allow sending chat messages as the system. |
|
ScopeCanSendSystemMessages = "CAN_SEND_SYSTEM_MESSAGES" |
|
// ScopeHasAdminAccess will allow performing administrative actions on the server. |
|
ScopeHasAdminAccess = "HAS_ADMIN_ACCESS" |
|
) |
|
|
|
// For a scope to be seen as "valid" it must live in this slice. |
|
var validAccessTokenScopes = []string{ |
|
ScopeCanSendUserMessages, |
|
ScopeCanSendSystemMessages, |
|
ScopeHasAdminAccess, |
|
} |
|
|
|
// AccessToken gives access to 3rd party code to access specific Owncast APIs. |
|
type AccessToken struct { |
|
Token string `json:"token"` |
|
Name string `json:"name"` |
|
Scopes []string `json:"scopes"` |
|
Timestamp time.Time `json:"timestamp"` |
|
LastUsed *time.Time `json:"lastUsed"` |
|
} |
|
|
|
// HasValidScopes will verify that all the scopes provided are valid. |
|
// This is not a efficient method. |
|
func HasValidScopes(scopes []string) bool { |
|
for _, scope := range scopes { |
|
if !findItemInSlice(validAccessTokenScopes, scope) { |
|
log.Errorln("Invalid scope", scope) |
|
return false |
|
} |
|
} |
|
return true |
|
} |
|
|
|
func findItemInSlice(slice []string, value string) bool { |
|
for _, item := range slice { |
|
if item == value { |
|
return true |
|
} |
|
} |
|
return false |
|
}
|
|
|