From 469d28617582cce4a08bc3ce687042b02bb29b79 Mon Sep 17 00:00:00 2001
From: Jason Volk <jason@zemos.net>
Date: Sat, 16 Sep 2017 15:22:54 -0700
Subject: [PATCH] ircd: Use db based access_token query for auth.

---
 ircd/resource.cc | 21 ++++++++++++++++++---
 1 file changed, 18 insertions(+), 3 deletions(-)

diff --git a/ircd/resource.cc b/ircd/resource.cc
index 209e4f1d4..6cbc93071 100644
--- a/ircd/resource.cc
+++ b/ircd/resource.cc
@@ -108,15 +108,30 @@ noexcept
 
 namespace ircd {
 
+const m::room accounts
+{
+	m::id::room{"!accounts:cdc.z"}
+};
+
 static void
 authenticate(client &client,
              resource::method &method,
              resource::request &request)
 try
 {
-	const auto &access_token(request.query.at("access_token"));
-	const auto it(resource::tokens.find(access_token));
-	if(it == end(resource::tokens))
+	const auto &access_token
+	{
+		request.query.at("access_token")
+	};
+
+	// Sets up the query to find the access_token in the accounts room
+	const m::events::where::equal query
+	{
+		{ "type",        "ircd.access_token" },
+		{ "state_key",   access_token        }
+	};
+
+	if(!accounts.any(query))
 		throw m::error
 		{
 			// When credentials are required but missing or invalid, the HTTP call will return with