149 lines
4.1 KiB
Go
149 lines
4.1 KiB
Go
package api
|
|
|
|
import (
|
|
"crypto/rand"
|
|
"encoding/hex"
|
|
"encoding/json"
|
|
"errors"
|
|
"net/http"
|
|
"time"
|
|
|
|
"github.com/go-chi/chi/v5"
|
|
"github.com/jackc/pgx/v5"
|
|
"github.com/jackc/pgx/v5/pgtype"
|
|
|
|
"git.fabledsword.com/bvandeusen/minstrel/internal/apierror"
|
|
"git.fabledsword.com/bvandeusen/minstrel/internal/audit"
|
|
"git.fabledsword.com/bvandeusen/minstrel/internal/auth"
|
|
"git.fabledsword.com/bvandeusen/minstrel/internal/db/dbq"
|
|
)
|
|
|
|
// inviteTTL is the lifetime of a freshly-minted invite. 24 hours
|
|
// matches the spec; admin can revoke an unredeemed invite at any
|
|
// time anyway, so a short TTL is just defense-in-depth against
|
|
// shared-link leakage.
|
|
const inviteTTL = 24 * time.Hour
|
|
|
|
type inviteResp struct {
|
|
Token string `json:"token"`
|
|
InvitedBy string `json:"invited_by"`
|
|
Note *string `json:"note"`
|
|
CreatedAt string `json:"created_at"`
|
|
ExpiresAt string `json:"expires_at"`
|
|
RedeemedAt *string `json:"redeemed_at"`
|
|
RedeemedBy *string `json:"redeemed_by"`
|
|
}
|
|
|
|
type listInvitesResp struct {
|
|
Invites []inviteResp `json:"invites"`
|
|
}
|
|
|
|
func (h *handlers) handleListInvites(w http.ResponseWriter, r *http.Request) {
|
|
q := dbq.New(h.pool)
|
|
rows, err := q.ListInvitesActive(r.Context())
|
|
if err != nil {
|
|
writeErrWithLog(w, h.logger, "admin: list invites failed", apierror.Internal(err))
|
|
return
|
|
}
|
|
out := make([]inviteResp, 0, len(rows))
|
|
for _, row := range rows {
|
|
out = append(out, inviteFromRow(row))
|
|
}
|
|
writeJSON(w, http.StatusOK, listInvitesResp{Invites: out})
|
|
}
|
|
|
|
type createInviteReq struct {
|
|
Note string `json:"note"`
|
|
}
|
|
|
|
func (h *handlers) handleCreateInvite(w http.ResponseWriter, r *http.Request) {
|
|
user, ok := requireUser(w, r)
|
|
if !ok {
|
|
return
|
|
}
|
|
var req createInviteReq
|
|
// Body is optional — empty body is fine; ignore decode errors.
|
|
if r.Body != nil && r.ContentLength != 0 {
|
|
_ = json.NewDecoder(r.Body).Decode(&req)
|
|
}
|
|
|
|
tokenBytes := make([]byte, 16)
|
|
if _, err := rand.Read(tokenBytes); err != nil {
|
|
writeErrWithLog(w, h.logger, "admin: invite token gen failed", apierror.Internal(err))
|
|
return
|
|
}
|
|
token := hex.EncodeToString(tokenBytes)
|
|
expiresAt := time.Now().Add(inviteTTL)
|
|
|
|
q := dbq.New(h.pool)
|
|
var notePtr *string
|
|
if req.Note != "" {
|
|
n := req.Note
|
|
notePtr = &n
|
|
}
|
|
row, err := q.CreateInvite(r.Context(), dbq.CreateInviteParams{
|
|
Token: token,
|
|
InvitedBy: user.ID,
|
|
Note: notePtr,
|
|
ExpiresAt: pgtype.Timestamptz{Time: expiresAt, Valid: true},
|
|
})
|
|
if err != nil {
|
|
writeErrWithLog(w, h.logger, "admin: create invite failed", apierror.Internal(err))
|
|
return
|
|
}
|
|
|
|
audit.WriteOrLog(r.Context(), h.pool, h.logger, user.ID, pgtype.UUID{}, audit.ActionInviteCreate,
|
|
map[string]any{"token": token})
|
|
|
|
writeJSON(w, http.StatusOK, inviteFromRow(row))
|
|
}
|
|
|
|
func (h *handlers) handleDeleteInvite(w http.ResponseWriter, r *http.Request) {
|
|
user, ok := requireUser(w, r)
|
|
if !ok {
|
|
return
|
|
}
|
|
token := chi.URLParam(r, "token")
|
|
if token == "" {
|
|
writeErr(w, apierror.BadRequest("invalid_token", ""))
|
|
return
|
|
}
|
|
q := dbq.New(h.pool)
|
|
// Verify the invite exists + is unredeemed before deleting, so we can
|
|
// return a useful 404 vs 200.
|
|
if _, err := q.GetInviteByToken(r.Context(), token); err != nil {
|
|
if errors.Is(err, pgx.ErrNoRows) {
|
|
writeErr(w, &apierror.Error{Status: http.StatusNotFound, Code: "not_found", Message: ""})
|
|
return
|
|
}
|
|
writeErrWithLog(w, h.logger, "admin: get invite failed", apierror.Internal(err))
|
|
return
|
|
}
|
|
if err := q.DeleteInvite(r.Context(), token); err != nil {
|
|
writeErrWithLog(w, h.logger, "admin: delete invite failed", apierror.Internal(err))
|
|
return
|
|
}
|
|
audit.WriteOrLog(r.Context(), h.pool, h.logger, user.ID, pgtype.UUID{}, audit.ActionInviteRevoke,
|
|
map[string]any{"token": token})
|
|
w.WriteHeader(http.StatusNoContent)
|
|
}
|
|
|
|
func inviteFromRow(row dbq.UserInvite) inviteResp {
|
|
resp := inviteResp{
|
|
Token: row.Token,
|
|
InvitedBy: uuidToString(row.InvitedBy),
|
|
Note: row.Note,
|
|
CreatedAt: row.CreatedAt.Time.UTC().Format(time.RFC3339),
|
|
ExpiresAt: row.ExpiresAt.Time.UTC().Format(time.RFC3339),
|
|
}
|
|
if row.RedeemedAt.Valid {
|
|
s := row.RedeemedAt.Time.UTC().Format(time.RFC3339)
|
|
resp.RedeemedAt = &s
|
|
}
|
|
if row.RedeemedBy.Valid {
|
|
s := uuidToString(row.RedeemedBy)
|
|
resp.RedeemedBy = &s
|
|
}
|
|
return resp
|
|
}
|