add simple model and repo for api tokens

internal/models/api_token.go

@@ -0,0 +1,27 @@
+package models
+
+import (
+	"time"
+
+	"gorm.io/gorm"
+)
+
+type APIToken struct {
+	gorm.Model
+
+	UniqueID string `gorm:"unique"`
+
+	ProjectID       uint
+	CreatedByUserID uint
+	Expiry          *time.Time
+	Revoked         bool
+	PolicyName      string
+
+	// SecretKey is hashed like a password before storage
+	SecretKey string
+}
+
+func (p *APIToken) IsExpired() bool {
+	timeLeft := p.Expiry.Sub(time.Now())
+	return timeLeft < 0
+}

internal/repository/api_token.go

@@ -0,0 +1,13 @@
+package repository
+
+import (
+	"github.com/porter-dev/porter/internal/models"
+)
+
+// APITokenRepository represents the set of queries on the APIToken model
+type APITokenRepository interface {
+	CreateAPIToken(token *models.APIToken) (*models.APIToken, error)
+	ListAPITokensByProjectID(projectID uint) ([]*models.APIToken, error)
+	ReadAPIToken(uid string) (*models.APIToken, error)
+	UpdateAPIToken(token *models.APIToken) (*models.APIToken, error)
+}

internal/repository/gorm/api_token.go

@@ -0,0 +1,55 @@
+package gorm
+
+import (
+	"github.com/porter-dev/porter/internal/models"
+	"github.com/porter-dev/porter/internal/repository"
+	"gorm.io/gorm"
+)
+
+// APITokenRepository uses gorm.DB for querying the database
+type APITokenRepository struct {
+	db *gorm.DB
+}
+
+// NewAPITokenRepository returns a APITokenRepository which uses
+// gorm.DB for querying the database
+func NewAPITokenRepository(db *gorm.DB) repository.APITokenRepository {
+	return &APITokenRepository{db}
+}
+
+func (repo *APITokenRepository) CreateAPIToken(a *models.APIToken) (*models.APIToken, error) {
+	if err := repo.db.Create(a).Error; err != nil {
+		return nil, err
+	}
+	return a, nil
+}
+
+func (repo *APITokenRepository) ListAPITokensByProjectID(projectID uint) ([]*models.APIToken, error) {
+	tokens := []*models.APIToken{}
+
+	if err := repo.db.Where("project_id = ?", projectID).Find(&tokens).Error; err != nil {
+		return nil, err
+	}
+
+	return tokens, nil
+}
+
+func (repo *APITokenRepository) ReadAPIToken(uid string) (*models.APIToken, error) {
+	token := &models.APIToken{}
+
+	if err := repo.db.Where("id = ?", uid).First(&token).Error; err != nil {
+		return nil, err
+	}
+
+	return token, nil
+}
+
+func (repo *APITokenRepository) UpdateAPIToken(
+	token *models.APIToken,
+) (*models.APIToken, error) {
+	if err := repo.db.Save(token).Error; err != nil {
+		return nil, err
+	}
+
+	return token, nil
+}

internal/repository/gorm/repository.go

@@ -41,6 +41,7 @@ type GormRepository struct {
 	ceToken                   repository.CredentialsExchangeTokenRepository
 	buildConfig               repository.BuildConfigRepository
 	allowlist                 repository.AllowlistRepository
+	apiToken                  repository.APITokenRepository
 }
 
 func (t *GormRepository) User() repository.UserRepository {
@@ -179,6 +180,10 @@ func (t *GormRepository) Allowlist() repository.AllowlistRepository {
 	return t.allowlist
 }
 
+func (t *GormRepository) APIToken() repository.APITokenRepository {
+	return t.apiToken
+}
+
 // NewRepository returns a Repository which persists users in memory
 // and accepts a parameter that can trigger read/write errors
 func NewRepository(db *gorm.DB, key *[32]byte, storageBackend credentials.CredentialStorage) repository.Repository {
@@ -217,5 +222,6 @@ func NewRepository(db *gorm.DB, key *[32]byte, storageBackend credentials.Creden
 		ceToken:                   NewCredentialsExchangeTokenRepository(db),
 		buildConfig:               NewBuildConfigRepository(db),
 		allowlist:                 NewAllowlistRepository(db),
+		apiToken:                  NewAPITokenRepository(db),
 	}
 }

internal/repository/repository.go

@@ -35,4 +35,5 @@ type Repository interface {
 	CredentialsExchangeToken() CredentialsExchangeTokenRepository
 	BuildConfig() BuildConfigRepository
 	Allowlist() AllowlistRepository
+	APIToken() APITokenRepository
 }