(ctx context.Context, user database.User, workspace database.Workspace)
| 3083 | } |
| 3084 | |
| 3085 | func (s *server) regenerateSessionToken(ctx context.Context, user database.User, workspace database.Workspace) (string, error) { |
| 3086 | // NOTE(Cian): Once a workspace is claimed, there's no reason for the session token to be valid any longer. |
| 3087 | // Not generating any session token at all for a system user may unintentionally break existing templates, |
| 3088 | // which we want to avoid. If there's no session token for the workspace belonging to the prebuilds user, |
| 3089 | // then there's nothing for us to worry about here. |
| 3090 | // TODO(Cian): Update this to handle _all_ system users. At the time of writing, only one system user exists. |
| 3091 | if err := deleteSessionTokenForUserAndWorkspace(ctx, s.Database, database.PrebuildsSystemUserID, workspace.ID); err != nil && !errors.Is(err, sql.ErrNoRows) { |
| 3092 | s.Logger.Error(ctx, "failed to delete prebuilds session token", slog.Error(err), slog.F("workspace_id", workspace.ID)) |
| 3093 | } |
| 3094 | newkey, sessionToken, err := apikey.Generate(apikey.CreateParams{ |
| 3095 | UserID: user.ID, |
| 3096 | LoginType: user.LoginType, |
| 3097 | TokenName: WorkspaceSessionTokenName(workspace.OwnerID, workspace.ID), |
| 3098 | DefaultLifetime: s.DeploymentValues.Sessions.DefaultTokenDuration.Value(), |
| 3099 | LifetimeSeconds: int64(s.DeploymentValues.Sessions.MaximumTokenDuration.Value().Seconds()), |
| 3100 | }) |
| 3101 | if err != nil { |
| 3102 | return "", xerrors.Errorf("generate API key: %w", err) |
| 3103 | } |
| 3104 | |
| 3105 | err = s.Database.InTx(func(tx database.Store) error { |
| 3106 | err := deleteSessionToken(ctx, tx, workspace) |
| 3107 | if err != nil { |
| 3108 | return xerrors.Errorf("delete session token: %w", err) |
| 3109 | } |
| 3110 | |
| 3111 | _, err = tx.InsertAPIKey(ctx, newkey) |
| 3112 | if err != nil { |
| 3113 | return xerrors.Errorf("insert API key: %w", err) |
| 3114 | } |
| 3115 | return nil |
| 3116 | }, nil) |
| 3117 | if err != nil { |
| 3118 | return "", xerrors.Errorf("create API key: %w", err) |
| 3119 | } |
| 3120 | |
| 3121 | return sessionToken, nil |
| 3122 | } |
| 3123 | |
| 3124 | func deleteSessionToken(ctx context.Context, db database.Store, workspace database.Workspace) error { |
| 3125 | return deleteSessionTokenForUserAndWorkspace(ctx, db, workspace.OwnerID, workspace.ID) |
no test coverage detected