2023-02-14 22:12:19 +00:00
// Copyright 2023 The Gitea Authors. All rights reserved.
// SPDX-License-Identifier: MIT
package cmd
import (
2024-04-22 03:44:03 +08:00
"errors"
2023-02-14 22:12:19 +00:00
"fmt"
auth_model "code.gitea.io/gitea/models/auth"
user_model "code.gitea.io/gitea/models/user"
2023-07-21 17:28:19 +08:00
"github.com/urfave/cli/v2"
2023-02-14 22:12:19 +00:00
)
2023-07-21 17:28:19 +08:00
var microcmdUserGenerateAccessToken = & cli . Command {
2023-02-14 22:12:19 +00:00
Name : "generate-access-token" ,
Usage : "Generate an access token for a specific user" ,
Flags : [ ] cli . Flag {
2023-07-21 17:28:19 +08:00
& cli . StringFlag {
Name : "username" ,
Aliases : [ ] string { "u" } ,
Usage : "Username" ,
2023-02-14 22:12:19 +00:00
} ,
2023-07-21 17:28:19 +08:00
& cli . StringFlag {
Name : "token-name" ,
Aliases : [ ] string { "t" } ,
Usage : "Token name" ,
Value : "gitea-admin" ,
2023-02-14 22:12:19 +00:00
} ,
2023-07-21 17:28:19 +08:00
& cli . BoolFlag {
2023-02-14 22:12:19 +00:00
Name : "raw" ,
Usage : "Display only the token value" ,
} ,
2023-07-21 17:28:19 +08:00
& cli . StringFlag {
2023-02-14 22:12:19 +00:00
Name : "scopes" ,
Value : "" ,
Usage : "Comma separated list of scopes to apply to access token" ,
} ,
} ,
Action : runGenerateAccessToken ,
}
func runGenerateAccessToken ( c * cli . Context ) error {
if ! c . IsSet ( "username" ) {
2024-04-22 03:44:03 +08:00
return errors . New ( "You must provide a username to generate a token for" )
2023-02-14 22:12:19 +00:00
}
ctx , cancel := installSignals ( )
defer cancel ( )
if err := initDB ( ctx ) ; err != nil {
return err
}
user , err := user_model . GetUserByName ( ctx , c . String ( "username" ) )
if err != nil {
return err
}
2023-07-26 02:06:11 +03:00
// construct token with name and user so we can make sure it is unique
t := & auth_model . AccessToken {
Name : c . String ( "token-name" ) ,
UID : user . ID ,
}
2023-09-15 08:13:19 +02:00
exist , err := auth_model . AccessTokenByNameExists ( ctx , t )
2023-02-14 22:12:19 +00:00
if err != nil {
return err
}
2023-07-26 02:06:11 +03:00
if exist {
2024-04-22 03:44:03 +08:00
return errors . New ( "access token name has been used already" )
2023-07-26 02:06:11 +03:00
}
2023-02-14 22:12:19 +00:00
2023-07-26 02:06:11 +03:00
// make sure the scopes are valid
accessTokenScope , err := auth_model . AccessTokenScope ( c . String ( "scopes" ) ) . Normalize ( )
if err != nil {
return fmt . Errorf ( "invalid access token scope provided: %w" , err )
2023-02-14 22:12:19 +00:00
}
2023-07-26 02:06:11 +03:00
t . Scope = accessTokenScope
2023-02-14 22:12:19 +00:00
2023-07-26 02:06:11 +03:00
// create the token
2023-09-15 08:13:19 +02:00
if err := auth_model . NewAccessToken ( ctx , t ) ; err != nil {
2023-02-14 22:12:19 +00:00
return err
}
if c . Bool ( "raw" ) {
fmt . Printf ( "%s\n" , t . Token )
} else {
fmt . Printf ( "Access token was successfully created: %s\n" , t . Token )
}
return nil
}