Use short-lived tokens instead of user API keys (#340)

Author: Forceu

build/go-generate/minifyStaticContent.go

@@ -137,6 +137,6 @@ func fileExists(filename string) bool {
 // Auto-generated content below, do not modify
 // Version codes can be changed in updateVersionNumbers.go
 
-const jsAdminVersion = 13
+const jsAdminVersion = 14
 const jsE2EVersion = 8
 const cssMainVersion = 5

build/go-generate/updateProtectedUrls.go

@@ -97,7 +97,7 @@ func writeDocumentationFile(urls []string) {
 	for _, url := range urls {
 		output = output + "- ``" + url + "``\n"
 	}
-	regex := regexp.MustCompile(`proxy:(?:\r?\n)+((?:- ` + "``" + `\/\w+` + "``" + `\r?\n)+)`)
+	regex := regexp.MustCompile("proxy:(?:\\r?\\n)+(?:- ``\\/[^`]+``\\r?\\n)+")
 	matches := regex.FindAllIndex(documentationContent, -1)
 	if len(matches) != 1 {
 		fmt.Println("ERROR: Not one match found exactly for documentation")

build/go-generate/updateVersionNumbers.go

@@ -11,7 +11,7 @@ import (
 	"strings"
 )
 
-const versionJsAdmin = 13
+const versionJsAdmin = 14
 const versionJsDropzone = 5
 const versionJsE2EAdmin = 8
 const versionCssMain = 5

docs/setup.rst

@@ -283,6 +283,7 @@ This option disables Gokapis internal authentication completely, except for API
 
 - ``/admin``
 - ``/apiKeys``
+- ``/auth/token``
 - ``/changePassword``
 - ``/e2eSetup``
 - ``/logs``

internal/configuration/database/Database.go

@@ -139,11 +139,6 @@ func DeleteApiKey(id string) {
 	db.DeleteApiKey(id)
 }
 
-// GetSystemKey returns the latest UI API key
-func GetSystemKey(userId int) (models.ApiKey, bool) {
-	return db.GetSystemKey(userId)
-}
-
 // GetApiKeyByPublicKey returns an API key by using the public key
 func GetApiKeyByPublicKey(publicKey string) (string, bool) {
 	return db.GetApiKeyByPublicKey(publicKey)

internal/configuration/database/Database_test.go

@@ -1,15 +1,16 @@
 package database
 
 import (
+	"log"
+	"os"
+	"testing"
+	"time"
+
 	"github.com/alicebob/miniredis/v2"
 	"github.com/forceu/gokapi/internal/configuration/database/dbabstraction"
 	"github.com/forceu/gokapi/internal/configuration/database/dbcache"
 	"github.com/forceu/gokapi/internal/models"
 	"github.com/forceu/gokapi/internal/test"
-	"log"
-	"os"
-	"testing"
-	"time"
 )
 
 var configSqlite = models.DbConnection{
@@ -92,32 +93,6 @@ func TestApiKeys(t *testing.T) {
 	runAllTypesCompareTwoOutputs(t, func() (any, any) {
 		return GetApiKeyByPublicKey("publicId")
 	}, "publicTest", true)
-
-	runAllTypesCompareOutput(t, func() any {
-		_, ok := GetSystemKey(6)
-		return ok
-	}, false)
-
-	runAllTypesNoOutput(t, func() {
-		SaveApiKey(models.ApiKey{
-			Id:          "sysKey1",
-			PublicId:    "sysKey1",
-			IsSystemKey: true,
-			Expiry:      time.Now().Add(1 * time.Hour).Unix(),
-			UserId:      6,
-		})
-		SaveApiKey(models.ApiKey{
-			Id:          "sysKey2",
-			PublicId:    "sysKey2",
-			IsSystemKey: true,
-			Expiry:      time.Now().Add(2 * time.Hour).Unix(),
-			UserId:      6,
-		})
-	})
-	runAllTypesCompareTwoOutputs(t, func() (any, any) {
-		key, ok := GetSystemKey(6)
-		return key.Id, ok
-	}, "sysKey2", true)
 }
 
 func TestE2E(t *testing.T) {

internal/configuration/database/dbabstraction/DbAbstraction.go

@@ -2,6 +2,7 @@ package dbabstraction
 
 import (
 	"fmt"
+
 	"github.com/forceu/gokapi/internal/configuration/database/provider/redis"
 	"github.com/forceu/gokapi/internal/configuration/database/provider/sqlite"
 	"github.com/forceu/gokapi/internal/models"
@@ -43,8 +44,6 @@ type Database interface {
 	UpdateTimeApiKey(apikey models.ApiKey)
 	// DeleteApiKey deletes an API key with the given ID
 	DeleteApiKey(id string)
-	// GetSystemKey returns the latest UI API key
-	GetSystemKey(userId int) (models.ApiKey, bool)
 	// GetApiKeyByPublicKey returns an API key by using the public key
 	GetApiKeyByPublicKey(publicKey string) (string, bool)
 

internal/configuration/database/provider/redis/Redis_test.go

@@ -1,15 +1,16 @@
 package redis
 
 import (
-	"github.com/alicebob/miniredis/v2"
-	"github.com/forceu/gokapi/internal/models"
-	"github.com/forceu/gokapi/internal/test"
-	redigo "github.com/gomodule/redigo/redis"
 	"log"
 	"os"
 	"slices"
 	"testing"
 	"time"
+
+	"github.com/alicebob/miniredis/v2"
+	"github.com/forceu/gokapi/internal/models"
+	"github.com/forceu/gokapi/internal/test"
+	redigo "github.com/gomodule/redigo/redis"
 )
 
 var config = models.DbConnection{
@@ -253,47 +254,6 @@ func TestApiKeys(t *testing.T) {
 	keyName, ok := dbInstance.GetApiKeyByPublicKey("publicId")
 	test.IsEqualBool(t, ok, true)
 	test.IsEqualString(t, keyName, "publicTest")
-
-	_, ok = dbInstance.GetSystemKey(4)
-	test.IsEqualBool(t, ok, false)
-	dbInstance.SaveApiKey(models.ApiKey{
-		Id:          "sysKey1",
-		PublicId:    "publicSysKey1",
-		IsSystemKey: true,
-		UserId:      5,
-		Expiry:      time.Now().Add(time.Hour).Unix(),
-	})
-	_, ok = dbInstance.GetSystemKey(4)
-	test.IsEqualBool(t, ok, false)
-	dbInstance.SaveApiKey(models.ApiKey{
-		Id:          "sysKey2",
-		PublicId:    "publicSysKey2",
-		IsSystemKey: true,
-		UserId:      4,
-		Expiry:      time.Now().Add(-1 * time.Hour).Unix(),
-	})
-	_, ok = dbInstance.GetSystemKey(4)
-	test.IsEqualBool(t, ok, false)
-	_, ok = dbInstance.GetSystemKey(5)
-	test.IsEqualBool(t, ok, true)
-	dbInstance.SaveApiKey(models.ApiKey{
-		Id:          "sysKey3",
-		PublicId:    "publicSysKey2",
-		IsSystemKey: true,
-		UserId:      4,
-		Expiry:      time.Now().Add(2 * time.Hour).Unix(),
-	})
-	dbInstance.SaveApiKey(models.ApiKey{
-		Id:          "sysKey4",
-		PublicId:    "publicSysKey4",
-		IsSystemKey: true,
-		UserId:      4,
-		Expiry:      time.Now().Add(4 * time.Hour).Unix(),
-	})
-	key, ok = dbInstance.GetSystemKey(4)
-	test.IsEqualBool(t, ok, true)
-	test.IsEqualString(t, key.Id, "sysKey4")
-	test.IsEqualBool(t, key.IsSystemKey, true)
 }
 
 func TestDatabaseProvider_IncreaseDownloadCount(t *testing.T) {

internal/configuration/database/provider/redis/apikeys.go

@@ -1,10 +1,11 @@
 package redis
 
 import (
+	"strings"
+
 	"github.com/forceu/gokapi/internal/helper"
 	"github.com/forceu/gokapi/internal/models"
 	redigo "github.com/gomodule/redigo/redis"
-	"strings"
 )
 
 const (
@@ -41,29 +42,6 @@ func (p DatabaseProvider) GetApiKey(id string) (models.ApiKey, bool) {
 	return apikey, true
 }
 
-// GetSystemKey returns the latest UI API key
-func (p DatabaseProvider) GetSystemKey(userId int) (models.ApiKey, bool) {
-	keys := p.GetAllApiKeys()
-	foundKey := ""
-	var latestExpiry int64
-	for _, key := range keys {
-		if !key.IsSystemKey {
-			continue
-		}
-		if key.UserId != userId {
-			continue
-		}
-		if key.Expiry > latestExpiry {
-			foundKey = key.Id
-			latestExpiry = key.Expiry
-		}
-	}
-	if foundKey == "" {
-		return models.ApiKey{}, false
-	}
-	return keys[foundKey], true
-}
-
 // GetApiKeyByPublicKey returns an API key by using the public key
 func (p DatabaseProvider) GetApiKeyByPublicKey(publicKey string) (string, bool) {
 	keys := p.GetAllApiKeys()

internal/configuration/database/provider/sqlite/Sqlite_test.go

@@ -3,15 +3,16 @@
 package sqlite
 
 import (
-	"github.com/forceu/gokapi/internal/helper"
-	"github.com/forceu/gokapi/internal/models"
-	"github.com/forceu/gokapi/internal/test"
 	"math"
 	"os"
 	"slices"
 	"sync"
 	"testing"
 	"time"
+
+	"github.com/forceu/gokapi/internal/helper"
+	"github.com/forceu/gokapi/internal/models"
+	"github.com/forceu/gokapi/internal/test"
 )
 
 var config = models.DbConnection{
@@ -451,47 +452,6 @@ func TestUpdateTimeApiKey(t *testing.T) {
 	keyName, ok := dbInstance.GetApiKeyByPublicKey("publicId")
 	test.IsEqualBool(t, ok, true)
 	test.IsEqualString(t, keyName, "publicTest")
-
-	_, ok = dbInstance.GetSystemKey(4)
-	test.IsEqualBool(t, ok, false)
-	dbInstance.SaveApiKey(models.ApiKey{
-		Id:          "sysKey1",
-		PublicId:    "publicSysKey1",
-		IsSystemKey: true,
-		UserId:      5,
-		Expiry:      time.Now().Add(time.Hour).Unix(),
-	})
-	_, ok = dbInstance.GetSystemKey(4)
-	test.IsEqualBool(t, ok, false)
-	dbInstance.SaveApiKey(models.ApiKey{
-		Id:          "sysKey2",
-		PublicId:    "publicSysKey2",
-		IsSystemKey: true,
-		UserId:      4,
-		Expiry:      time.Now().Add(-1 * time.Hour).Unix(),
-	})
-	_, ok = dbInstance.GetSystemKey(4)
-	test.IsEqualBool(t, ok, true)
-	_, ok = dbInstance.GetSystemKey(5)
-	test.IsEqualBool(t, ok, true)
-	dbInstance.SaveApiKey(models.ApiKey{
-		Id:          "sysKey3",
-		PublicId:    "publicSysKey2",
-		IsSystemKey: true,
-		UserId:      4,
-		Expiry:      time.Now().Add(2 * time.Hour).Unix(),
-	})
-	dbInstance.SaveApiKey(models.ApiKey{
-		Id:          "sysKey4",
-		PublicId:    "publicSysKey4",
-		IsSystemKey: true,
-		UserId:      4,
-		Expiry:      time.Now().Add(4 * time.Hour).Unix(),
-	})
-	key, ok = dbInstance.GetSystemKey(4)
-	test.IsEqualBool(t, ok, true)
-	test.IsEqualString(t, key.Id, "sysKey4")
-	test.IsEqualBool(t, key.IsSystemKey, true)
 }
 
 func TestParallelConnectionsWritingAndReading(t *testing.T) {