feat: add caldav tokens (#1065)

# Description

This PR adds API routes to create and manage caldav tokens. These tokens can be used instead of a user password - required for users who are using external auth providers and don't have a password.

Fixes #842

Frontend: https://kolaente.dev/vikunja/frontend/pulls/1186

Co-authored-by: kolaente <k@knt.li>
Reviewed-on: https://kolaente.dev/vikunja/api/pulls/1065

pkg/user/token.go

@@ -34,17 +34,19 @@ const (
 	TokenPasswordReset
 	TokenEmailConfirm
 	TokenAccountDeletion
+	TokenCaldavAuth
 
 	tokenSize = 64
 )
 
 // Token is a token a user can use to do things like verify their email or resetting their password
 type Token struct {
-	ID      int64     `xorm:"bigint autoincr not null unique pk"`
-	UserID  int64     `xorm:"not null"`
-	Token   string    `xorm:"varchar(450) not null index"`
-	Kind    TokenKind `xorm:"not null"`
-	Created time.Time `xorm:"created not null"`
+	ID             int64     `xorm:"bigint autoincr not null unique pk" json:"id"`
+	UserID         int64     `xorm:"not null" json:"-"`
+	Token          string    `xorm:"varchar(450) not null index" json:"-"`
+	ClearTextToken string    `xorm:"-" json:"token"`
+	Kind           TokenKind `xorm:"not null" json:"-"`
+	Created        time.Time `xorm:"created not null" json:"created"`
 }
 
 // TableName returns the real table name for user tokens
@@ -52,12 +54,28 @@ func (t *Token) TableName() string {
 	return "user_tokens"
 }
 
-func generateNewToken(s *xorm.Session, u *User, kind TokenKind) (token *Token, err error) {
-	token = &Token{
+func genToken(u *User, kind TokenKind) *Token {
+	return &Token{
 		UserID: u.ID,
 		Kind:   kind,
 		Token:  utils.MakeRandomString(tokenSize),
 	}
+}
+
+func generateToken(s *xorm.Session, u *User, kind TokenKind) (token *Token, err error) {
+	token = genToken(u, kind)
+
+	_, err = s.Insert(token)
+	return
+}
+
+func generateHashedToken(s *xorm.Session, u *User, kind TokenKind) (token *Token, err error) {
+	token = genToken(u, kind)
+	token.ClearTextToken = token.Token
+	token.Token, err = HashPassword(token.ClearTextToken)
+	if err != nil {
+		return nil, err
+	}
 
 	_, err = s.Insert(token)
 	return
@@ -74,12 +92,26 @@ func getToken(s *xorm.Session, token string, kind TokenKind) (t *Token, err erro
 	return
 }
 
+func getTokensForKind(s *xorm.Session, u *User, kind TokenKind) (tokens []*Token, err error) {
+	tokens = []*Token{}
+
+	err = s.Where("kind = ? AND user_id = ?", kind, u.ID).
+		Find(&tokens)
+	return
+}
+
 func removeTokens(s *xorm.Session, u *User, kind TokenKind) (err error) {
 	_, err = s.Where("user_id = ? AND kind = ?", u.ID, kind).
 		Delete(&Token{})
 	return
 }
 
+func removeTokenByID(s *xorm.Session, u *User, kind TokenKind, id int64) (err error) {
+	_, err = s.Where("id = ? AND user_id = ? AND kind = ?", id, u.ID, kind).
+		Delete(&Token{})
+	return
+}
+
 // RegisterTokenCleanupCron registers a cron function to clean up all password reset tokens older than 24 hours
 func RegisterTokenCleanupCron() {
 	const logPrefix = "[User Token Cleanup Cron] "