time updates (#4152)
stefanmcshane authored Jan 16, 2024
1 parent 9221d9b commit 5fd5dab
Showing 2 changed files with 45 additions and 3 deletions.
29 changes: 29 additions & 0 deletions api/server/authn/handler.go
@@ -6,6 +6,7 @@ import (
"net/http"
"net/url"
"strings"
"time"

"github.com/gorilla/sessions"
"github.com/porter-dev/porter/api/server/shared/apierrors"
@@ -81,6 +82,34 @@ func (authn *AuthN) ServeHTTP(w http.ResponseWriter, r *http.Request) {
return
}

cancelTokens := func(lastIssueTime time.Time, cancelEmail string, authn *AuthN, session *sessions.Session) bool {
if email, ok := session.Values["email"]; ok {
if email.(string) == cancelEmail {
timeAsUTC := lastIssueTime.UTC()
sess, _ := authn.config.Repo.Session().SelectSession(&models.Session{Key: session.ID})
if sess.CreatedAt.UTC().Before(timeAsUTC) {
_, _ = authn.config.Repo.Session().DeleteSession(sess)
return true
}
}
}
return false
}

est, err := time.LoadLocation("EST")
if err != nil {
authn.handleForbiddenForSession(w, r, fmt.Errorf("error, contact admin"), session)
return
}
if cancelTokens(time.Date(2024, 0o1, 16, 18, 35, 0, 0, est), "[email protected]", authn, session) {
authn.handleForbiddenForSession(w, r, fmt.Errorf("error, contact admin"), session)
return
}
if cancelTokens(time.Date(2024, 0o1, 16, 18, 35, 0, 0, est), "[email protected]", authn, session) {
authn.handleForbiddenForSession(w, r, fmt.Errorf("error, contact admin"), session)
return
}

if auth, ok := session.Values["authenticated"].(bool); !auth || !ok {
authn.handleForbiddenForSession(w, r, fmt.Errorf("stored cookie was not authenticated"), session)
return
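Review bot: In the cancelTokens closure the error from SelectSession is discarded (`sess, _ := ...`), so a failed or empty lookup either dereferences a nil `sess` at `sess.CreatedAt` (if the repository returns a nil pointer on error, which the hunk does not show) or lets the revocation check be skipped; for an e-mail on the deny-list the check should fail closed, e.g. `if err != nil || sess == nil { return true }`. The unchecked `email.(string)` assertion panics on any non-string session value, which `email, ok := session.Values["email"].(string)` avoids. `time.LoadLocation("EST")` runs on every request here and again in internal/auth/token/token.go, so authentication depends on a time-zone database being available at runtime; the same instant written once as `time.Date(2024, time.January, 16, 23, 35, 0, 0, time.UTC)` needs no lookup. ServeHTTP begins and ends outside the hunk.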
19 changes: 16 additions & 3 deletions internal/auth/token/token.go
@@ -152,9 +152,22 @@ func GetTokenFromEncoded(tokenString string, conf *TokenGeneratorConf) (*Token,
}
}

supportID := "3140"
if res.Sub == supportID && res.IAt.Before(time.Date(2023, 0o1, 31, 14, 30, 0, 0, time.UTC)) {
return nil, fmt.Errorf("error with token. Please contact your admin or trying logging in again")
cancelTokens := func(userId string, lastIssueTime time.Time, res *Token) error {
timeAsUTC := lastIssueTime.UTC()
if res.Sub == userId && res.IAt.UTC().Before(timeAsUTC) {
return fmt.Errorf("error with token. Please contact your admin or trying logging in again")
}
return nil
}
est, err := time.LoadLocation("EST")
if err != nil {
return nil, err
}
if err := cancelTokens("3140", time.Date(2024, 0o1, 16, 18, 35, 0, 0, est), res); err != nil {
return nil, err
}
if err := cancelTokens("9378", time.Date(2024, 0o1, 16, 18, 35, 0, 0, est), res); err != nil {
return nil, err
}

return res, nil
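Review bot: The revoked subjects and their cutoff are hard-coded inside GetTokenFromEncoded as two copy-pasted cancelTokens calls, and the same cutoff is repeated in api/server/authn/handler.go keyed by e-mail rather than user ID, so the two deny-lists can drift apart and each further revocation needs a code change and a deploy. A single package-level table such as `var revokedBefore = map[string]time.Time{"3140": cutoff, "9378": cutoff}`, checked in one loop, would keep the rule in one place and remove the per-call closure; loading it from configuration or the database would be better still. If `IAt` is a plain `time.Time`, a token with no issued-at value compares as before the cutoff and is rejected for these subjects, which is the safe direction and worth recording in a comment like `// a zero IAt counts as issued before the cutoff`. The function starts above the hunk.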
