1 // Licensed under the Apache License, Version 2.0 (the "License"); you may not 2 // use this file except in compliance with the License. You may obtain a copy of 3 // the License at 4 // 5 // http://www.apache.org/licenses/LICENSE-2.0 6 // 7 // Unless required by applicable law or agreed to in writing, software 8 // distributed under the License is distributed on an "AS IS" BASIS, WITHOUT 9 // WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the 10 // License for the specific language governing permissions and limitations under 11 // the License. 12 13 //go:build !js 14 15 package kivikd 16 17 import ( 18 "github.com/go-kivik/kivik/v4/x/kivikd/authdb" 19 "github.com/go-kivik/kivik/v4/x/kivikd/cookies" 20 ) 21 22 // CreateAuthToken hashes a user name, salt, timestamp, and the server secret 23 // into an authentication token. 24 func (s *Service) CreateAuthToken(name, salt string, time int64) (string, error) { 25 secret := s.getAuthSecret() 26 return authdb.CreateAuthToken(name, salt, secret, time), nil 27 } 28 29 // ValidateCookie validates a cookie against a user context. 30 func (s *Service) ValidateCookie(user *authdb.UserContext, cookie string) (bool, error) { 31 name, t, err := cookies.DecodeCookie(cookie) 32 if err != nil { 33 return false, err 34 } 35 token, err := s.CreateAuthToken(name, user.Salt, t) 36 if err != nil { 37 return false, err 38 } 39 return token == cookie, nil 40 } 41