add: developer panel

crates/core/src/database/auth.rs

@@ -114,7 +114,11 @@ impl DataManager {
     ///
     /// # Arguments
     /// * `token` - the token of the user
-    pub async fn get_user_by_grant_token(&self, token: &str) -> Result<(AuthGrant, User)> {
+    pub async fn get_user_by_grant_token(
+        &self,
+        token: &str,
+        check_expiration: bool,
+    ) -> Result<(AuthGrant, User)> {
         let conn = match self.0.connect().await {
             Ok(c) => c,
             Err(e) => return Err(Error::DatabaseConnection(e.to_string())),
@@ -122,7 +126,7 @@ impl DataManager {
 
         let res = query_row!(
             &conn,
-            "SELECT * FROM users WHERE grants::jsonb @> ('{\"token\":' || $1 || '}')::jsonb",
+            "SELECT * FROM users WHERE (SELECT jsonb_array_elements(grants::jsonb) @> ('{\"token\":\"' || $1 || '\"}')::jsonb)",
             &[&token],
             |x| Ok(Self::get_user_from_row(x))
         );
@@ -132,14 +136,25 @@ impl DataManager {
         }
 
         let user = res.unwrap();
-        Ok((
-            user.grants
-                .iter()
-                .find(|x| x.token == token)
-                .unwrap()
-                .clone(),
-            user,
-        ))
+        let grant = user
+            .grants
+            .iter()
+            .find(|x| x.token == token)
+            .unwrap()
+            .clone();
+
+        // check token expiry
+        if check_expiration {
+            let now = unix_epoch_timestamp();
+            let delta = now - grant.last_updated;
+
+            if delta > 604_800_000 {
+                return Err(Error::MiscError("Token expired".to_string()));
+            }
+        }
+
+        // ...
+        Ok((grant, user))
     }
 
     /// Create a new user in the database.