AuthTokenResult AuthService::processAuthToken(const std::string& token,
AbstractUserDatabase& users) const
{
AUTO_PTR<AbstractUserDatabase::Transaction> t(users.startTransaction());
std::string hash = tokenHashFunction()->compute(token, std::string());
User user = users.findWithAuthToken(hash);
if (user.isValid()) {
std::string newToken = WRandom::generateId(tokenLength_);
std::string newHash = tokenHashFunction()->compute(newToken, std::string());
int validity = user.updateAuthToken(hash, newHash);
if (validity < 0) {
/*
* Old API, this is bad since we always extend the lifetime of the
* token.
*/
user.removeAuthToken(hash);
newToken = createAuthToken(user);
validity = authTokenValidity_ * 60;
}
if (t.get()) t->commit();
return AuthTokenResult(AuthTokenResult::Valid, user, newToken, validity);
} else {
if (t.get()) t->commit();
return AuthTokenResult(AuthTokenResult::Invalid);
}
}
AuthTokenResult AuthService::processAuthToken(const std::string& token,
AbstractUserDatabase& users) const
{
std::auto_ptr<AbstractUserDatabase::Transaction> t(users.startTransaction());
std::string hash = tokenHashFunction()->compute(token, std::string());
User user = users.findWithAuthToken(hash);
if (user.isValid()) {
user.removeAuthToken(hash);
std::string newToken = createAuthToken(user);
if (t.get()) t->commit();
return AuthTokenResult(AuthTokenResult::Valid, user, newToken);
} else
return AuthTokenResult(AuthTokenResult::Invalid);
}
