Implement API v2 (#13)

* Add documentation notice * Rename the deletion token to modification token * Implement API basics * Implement paste modification endpoint (#10) * Implement paste metadata * Implement report webhook support * Document API * Document paste entity * Update syntax highlighting types (js -> jsonc) * Update migrator
2023-08-10 21:13:09 +03:00 · 2021-07-22 22:26:21 +02:00
parent 4c392b4b52
commit 99504e0bba
18 changed files with 723 additions and 71 deletions
--- a/internal/shared/paste.go
+++ b/internal/shared/paste.go
@@ -1,30 +1,43 @@
 package shared

 import (
+	"log"
+
 	"github.com/alexedwards/argon2id"
 )

 // Paste represents a saved paste
 type Paste struct {
-	ID            string `json:"id" bson:"_id"`
-	Content       string `json:"content" bson:"content"`
-	DeletionToken string `json:"deletionToken,omitempty" bson:"deletionToken"`
-	Created       int64  `json:"created" bson:"created"`
-	AutoDelete    bool   `json:"autoDelete" bson:"autoDelete"`
+	ID                string                 `json:"id" bson:"_id"`
+	Content           string                 `json:"content" bson:"content"`
+	DeletionToken     string                 `json:"deletionToken,omitempty" bson:"deletionToken"` // Required for legacy paste storage support
+	ModificationToken string                 `json:"modificationToken,omitempty" bson:"modificationToken"`
+	Created           int64                  `json:"created" bson:"created"`
+	AutoDelete        bool                   `json:"autoDelete" bson:"autoDelete"`
+	Metadata          map[string]interface{} `json:"metadata" bson:"metadata"`
 }

-// HashDeletionToken hashes the current deletion token of a paste
-func (paste *Paste) HashDeletionToken() error {
-	hash, err := argon2id.CreateHash(paste.DeletionToken, argon2id.DefaultParams)
+// HashModificationToken hashes the current modification token of a paste
+func (paste *Paste) HashModificationToken() error {
+	hash, err := argon2id.CreateHash(paste.ModificationToken, argon2id.DefaultParams)
 	if err != nil {
 		return err
 	}
-	paste.DeletionToken = hash
+	paste.ModificationToken = hash
 	return nil
 }

-// CheckDeletionToken checks whether or not the given deletion token is correct
-func (paste *Paste) CheckDeletionToken(deletionToken string) bool {
-	match, err := argon2id.ComparePasswordAndHash(deletionToken, paste.DeletionToken)
+// CheckModificationToken checks whether or not the given modification token is correct
+func (paste *Paste) CheckModificationToken(modificationToken string) bool {
+	// The modification token may be stored in the deletion token field in old pastes
+	usedToken := paste.ModificationToken
+	if usedToken == "" {
+		usedToken = paste.DeletionToken
+		if usedToken != "" {
+			log.Println("WARNING: You seem to have pastes with the old 'deletionToken' field stored in your storage driver. Though this does not cause any issues right now, it may in the future. Consider some kind of migration.")
+		}
+	}
+
+	match, err := argon2id.ComparePasswordAndHash(modificationToken, usedToken)
 	return err == nil && match
 }