diff --git a/api/oidc.go b/api/oidc.go index da2cfd6..46ca584 100644 --- a/api/oidc.go +++ b/api/oidc.go @@ -417,10 +417,12 @@ func (a *OIDCAPI) resolveUser(info *oidc.UserInfo) (*model.User, int, error) { } func (a *OIDCAPI) createClient(name string, userID uint) (*model.Client, error) { + elevatedUntil := time.Now().Add(model.DefaultElevationDuration) client := &model.Client{ - Name: name, - Token: auth.GenerateNotExistingToken(generateClientToken, func(t string) bool { c, _ := a.DB.GetClientByToken(t); return c != nil }), - UserID: userID, + Name: name, + Token: auth.GenerateNotExistingToken(generateClientToken, func(t string) bool { c, _ := a.DB.GetClientByToken(t); return c != nil }), + UserID: userID, + ElevatedUntil: &elevatedUntil, } return client, a.DB.CreateClient(client) } diff --git a/api/session.go b/api/session.go index 432bc00..2722f21 100644 --- a/api/session.go +++ b/api/session.go @@ -2,6 +2,7 @@ package api import ( "errors" + "time" "github.com/gin-gonic/gin" "github.com/gotify/server/v2/auth" @@ -74,10 +75,12 @@ func (a *SessionAPI) Login(ctx *gin.Context) { return } + elevatedUntil := time.Now().Add(model.DefaultElevationDuration) client := model.Client{ - Name: clientParams.Name, - Token: auth.GenerateNotExistingToken(generateClientToken, a.clientExists), - UserID: user.ID, + Name: clientParams.Name, + Token: auth.GenerateNotExistingToken(generateClientToken, a.clientExists), + UserID: user.ID, + ElevatedUntil: &elevatedUntil, } if success := successOrAbort(ctx, 500, a.DB.CreateClient(&client)); !success { return diff --git a/model/elevate.go b/model/elevate.go index 8ffd688..c7ff7f4 100644 --- a/model/elevate.go +++ b/model/elevate.go @@ -1,5 +1,7 @@ package model +import "time" + // ElevateRequest parameters for client elevation. // // swagger:model ElevateRequest @@ -15,3 +17,5 @@ type ElevateRequest struct { // example: 900 DurationSeconds int `form:"durationSeconds" query:"durationSeconds" json:"durationSeconds" binding:"required"` } + +var DefaultElevationDuration = time.Hour