From 89ce70dba9115ea220af52b54b7e2fa3a3691148 Mon Sep 17 00:00:00 2001 From: Scott Schneider Date: Thu, 20 Aug 2015 19:54:59 -0700 Subject: [PATCH] Track token use times * rename the Redis token 'timestamp' var to 'created' * update the Redis token 'last' var when token is successfully validataed * expose the Redis token 'last' var in GET /token route --- lib/vmpooler/api/helpers.rb | 6 +++++- lib/vmpooler/api/v1.rb | 37 ++++++++++++++++++++++++------------ spec/vmpooler/api/v1_spec.rb | 2 +- 3 files changed, 31 insertions(+), 14 deletions(-) diff --git a/lib/vmpooler/api/helpers.rb b/lib/vmpooler/api/helpers.rb index 334a99b..47c9062 100644 --- a/lib/vmpooler/api/helpers.rb +++ b/lib/vmpooler/api/helpers.rb @@ -15,7 +15,11 @@ module Vmpooler end def validate_token(backend) - return if valid_token?(backend) + if valid_token?(backend) + backend.hset('vmpooler__token__' + request.env['HTTP_X_AUTH_TOKEN'], 'last', Time.now) + + return true + end content_type :json diff --git a/lib/vmpooler/api/v1.rb b/lib/vmpooler/api/v1.rb index 12eaaff..ad2f033 100644 --- a/lib/vmpooler/api/v1.rb +++ b/lib/vmpooler/api/v1.rb @@ -20,10 +20,6 @@ module Vmpooler Vmpooler::API.settings.config[:pools] end - def has_valid_token? - valid_token?(backend) - end - def need_auth! validate_auth(backend) end @@ -180,7 +176,9 @@ module Vmpooler token = key.split('__').last result[token] ||= {} - result[token]['created'] = data['timestamp'] + + result[token]['created'] = data['created'] + result[token]['last'] = data['last'] || 'never' result['ok'] = true end @@ -255,7 +253,7 @@ module Vmpooler result['token'] = o[rand(25)] + (0...31).map { o[rand(o.length)] }.join backend.hset('vmpooler__token__' + result['token'], 'user', @auth.username) - backend.hset('vmpooler__token__' + result['token'], 'timestamp', Time.now) + backend.hset('vmpooler__token__' + result['token'], 'created', Time.now) status 200 result['ok'] = true 
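Review bot: In the `@@ -180,7 +176,9 @@` hunk of lib/vmpooler/api/v1.rb, `result[token]['created'] = data['created']` reads only the renamed field. Any token already stored in Redis under the old `'timestamp'` field will therefore be listed with an empty creation time after deploy. The writer in the `@@ -255,7 +253,7 @@` hunk only affects tokens issued from now on, and nothing visible in this patch migrates existing hashes. A fallback on the read keeps old tokens auditable: `result[token]['created'] = data['created'] || data['timestamp']`. The enclosing route starts and ends outside the hunk.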
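Review bot: The context line of the `@@ -255,7 +253,7 @@` hunk builds the bearer token with `rand`, which is Ruby's non-cryptographic generator, so its output is not suitable for a credential. Now that the token record also gains usage tracking, this is a good point to draw the characters from the OS CSPRNG instead: `o[SecureRandom.random_number(25)] + (0...31).map { o[SecureRandom.random_number(o.length)] }.join`, with `require 'securerandom'` at the top of the file. `o` is defined outside the hunk, so the alphabet and the meaning of the first index are assumed to stay as they are.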
@@ -307,7 +305,9 @@ module Vmpooler backend.hset('vmpooler__active__' + key, vm, Time.now) backend.hset('vmpooler__vm__' + vm, 'checkout', Time.now) - if Vmpooler::API.settings.config[:auth] and has_valid_token? + if Vmpooler::API.settings.config[:auth] and has_token? + validate_token(backend) + backend.hset('vmpooler__vm__' + vm, 'token:token', request.env['HTTP_X_AUTH_TOKEN']) backend.hset('vmpooler__vm__' + vm, 'token:user', backend.hget('vmpooler__token__' + request.env['HTTP_X_AUTH_TOKEN'], 'user') @@ -352,17 +352,17 @@ module Vmpooler content_type :json result = {} - request = {} + payload = {} params[:template].split('+').each do |template| - request[template] ||= 0 - request[template] = request[template] + 1 + payload[template] ||= 0 + payload[template] = payload[template] + 1 end available = 1 - request.keys.each do |template| - if backend.scard('vmpooler__ready__' + template) < request[template] + payload.keys.each do |template| + if backend.scard('vmpooler__ready__' + template) < payload[template] available = 0 end end @@ -382,6 +382,19 @@ module Vmpooler backend.hset('vmpooler__active__' + template, vm, Time.now) backend.hset('vmpooler__vm__' + vm, 'checkout', Time.now) + if Vmpooler::API.settings.config[:auth] and has_token? + validate_token(backend) + + backend.hset('vmpooler__vm__' + vm, 'token:token', request.env['HTTP_X_AUTH_TOKEN']) + backend.hset('vmpooler__vm__' + vm, 'token:user', + backend.hget('vmpooler__token__' + request.env['HTTP_X_AUTH_TOKEN'], 'user') + ) + + if config['vm_lifetime_auth'].to_i > 0 + backend.hset('vmpooler__vm__' + vm, 'lifetime', config['vm_lifetime_auth'].to_i) + end + end + result[template] ||= {} if result[template]['hostname'] diff --git a/spec/vmpooler/api/v1_spec.rb b/spec/vmpooler/api/v1_spec.rb index f85d712..4e6240d 100644 --- a/spec/vmpooler/api/v1_spec.rb +++ b/spec/vmpooler/api/v1_spec.rb 
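Review bot: In the `@@ -307,7 +305,9 @@` hunk, `validate_token(backend)` is called only after the two context writes to `vmpooler__active__` and `vmpooler__vm__… 'checkout'` have marked the VM as handed out, and its return value is discarded. The failure path of `validate_token` lies outside the helpers.rb hunk. If it stops the request, a bad `X-AUTH-TOKEN` leaves a VM checked out that the caller never learns about. If it does not stop the request, the unvalidated header value is stored as `token:token`, and in the `@@ -382,6 +382,19 @@` hunk the authenticated `vm_lifetime_auth` is applied as well. The same ordering appears in that second hunk. Running the check at the top of each route, before a VM is taken from the pool, avoids both outcomes: `validate_token(backend) if Vmpooler::API.settings.config[:auth] and has_token?`. Both routes begin outside the hunks shown.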
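Review bot: The block added in the `@@ -382,6 +382,19 @@` hunk duplicates the token-attribution code of the `@@ -307,7 +305,9 @@` hunk (the `has_token?` test, `validate_token`, and the `token:token` and `token:user` writes). Any later correction to how a token is checked or recorded would then have to be made in two routes. Moving these lines into one private helper that takes `vm` keeps the behaviour of both checkout paths identical. The helper should carry a short comment such as `# Attribute the VM to the validated token and apply the authenticated lifetime`. The earlier hunk ends before its closing `end`, so whether it also sets `lifetime` is not visible here.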
@@ -49,7 +49,7 @@ describe Vmpooler::API::V1 do it 'returns a list of tokens if authed' do expect(redis).to receive(:keys).with('vmpooler__token__*').and_return(["vmpooler__token__abc"]) - expect(redis).to receive(:hgetall).with('vmpooler__token__abc').and_return({"user" => "admin", "timestamp" => "now"}) + expect(redis).to receive(:hgetall).with('vmpooler__token__abc').and_return({"user" => "admin", "created" => "now"}) authorize 'admin', 's3cr3t'