feat: add API token authentication

This commit is contained in:
2026-05-19 02:46:47 +02:00
parent ccfb469299
commit 237b5f3004
10 changed files with 310 additions and 14 deletions

View File

@@ -24,6 +24,39 @@ func (q *Queries) CountPendingAnimeFetchRetries(ctx context.Context) (int64, err
return count, err
}
const createAPIToken = `-- name: CreateAPIToken :one
INSERT INTO api_token (id, user_id, token_hash, name)
VALUES (?, ?, ?, ?)
RETURNING id, user_id, token_hash, name, created_at, last_used_at, revoked_at
`
type CreateAPITokenParams struct {
ID string `json:"id"`
UserID string `json:"user_id"`
TokenHash string `json:"token_hash"`
Name string `json:"name"`
}
func (q *Queries) CreateAPIToken(ctx context.Context, arg CreateAPITokenParams) (ApiToken, error) {
row := q.db.QueryRowContext(ctx, createAPIToken,
arg.ID,
arg.UserID,
arg.TokenHash,
arg.Name,
)
var i ApiToken
err := row.Scan(
&i.ID,
&i.UserID,
&i.TokenHash,
&i.Name,
&i.CreatedAt,
&i.LastUsedAt,
&i.RevokedAt,
)
return i, err
}
const createSession = `-- name: CreateSession :one
INSERT INTO session (id, user_id, expires_at)
VALUES (?, ?, ?)
@@ -128,6 +161,27 @@ func (q *Queries) EnqueueAnimeFetchRetry(ctx context.Context, arg EnqueueAnimeFe
return err
}
const getAPITokenByHash = `-- name: GetAPITokenByHash :one
SELECT id, user_id, token_hash, name, created_at, last_used_at, revoked_at FROM api_token
WHERE token_hash = ? AND revoked_at IS NULL
LIMIT 1
`
func (q *Queries) GetAPITokenByHash(ctx context.Context, tokenHash string) (ApiToken, error) {
row := q.db.QueryRowContext(ctx, getAPITokenByHash, tokenHash)
var i ApiToken
err := row.Scan(
&i.ID,
&i.UserID,
&i.TokenHash,
&i.Name,
&i.CreatedAt,
&i.LastUsedAt,
&i.RevokedAt,
)
return i, err
}
const getAnime = `-- name: GetAnime :one
SELECT id, title_original, image_url, created_at, title_english, title_japanese, airing, status, relations_synced_at, duration_seconds FROM anime WHERE id = ? LIMIT 1
`
@@ -820,6 +874,17 @@ func (q *Queries) MarkRelationsSynced(ctx context.Context, id int64) error {
return err
}
const revokeAllAPITokensForUser = `-- name: RevokeAllAPITokensForUser :exec
UPDATE api_token
SET revoked_at = CURRENT_TIMESTAMP
WHERE user_id = ? AND revoked_at IS NULL
`
func (q *Queries) RevokeAllAPITokensForUser(ctx context.Context, userID string) error {
_, err := q.db.ExecContext(ctx, revokeAllAPITokensForUser, userID)
return err
}
const saveWatchProgress = `-- name: SaveWatchProgress :exec
UPDATE watch_list_entry
SET current_episode = ?,
@@ -864,6 +929,17 @@ func (q *Queries) SetJikanCache(ctx context.Context, arg SetJikanCacheParams) er
return err
}
const touchAPITokenLastUsedAt = `-- name: TouchAPITokenLastUsedAt :exec
UPDATE api_token
SET last_used_at = CURRENT_TIMESTAMP
WHERE id = ?
`
func (q *Queries) TouchAPITokenLastUsedAt(ctx context.Context, id string) error {
_, err := q.db.ExecContext(ctx, touchAPITokenLastUsedAt, id)
return err
}
const updateAnimeStatus = `-- name: UpdateAnimeStatus :exec
UPDATE anime SET status = ? WHERE id = ?
`