Sharkey/packages/backend/src/server/api/endpoints/miauth/gen-token.ts

import $ from 'cafy';
import define from '../../define';
import { AccessTokens } from '@/models/index';
import { genId } from '@/misc/gen-id';
import { secureRndstr } from '@/misc/secure-rndstr';

export const meta = {
	tags: ['auth'],

	requireCredential: true as const,

	secure: true,

	params: {
		session: {
			validator: $.nullable.str,
		},

		name: {
			validator: $.nullable.optional.str,
		},

		description: {
			validator: $.nullable.optional.str,
		},

		iconUrl: {
			validator: $.nullable.optional.str,
		},

		permission: {
			validator: $.arr($.str).unique(),
		},
	},

	res: {
		type: 'object' as const,
		optional: false as const, nullable: false as const,
		properties: {
			token: {
				type: 'string' as const,
				optional: false as const, nullable: false as const,
			},
		},
	},
};

// eslint-disable-next-line import/no-default-export
export default define(meta, async (ps, user) => {
	// Generate access token
	const accessToken = secureRndstr(32, true);

	const now = new Date();

	// Insert access token doc
	await AccessTokens.insert({
		id: genId(),
		createdAt: now,
		lastUsedAt: now,
		session: ps.session,
		userId: user.id,
		token: accessToken,
		hash: accessToken,
		name: ps.name,
		description: ps.description,
		iconUrl: ps.iconUrl,
		permission: ps.permission,
	});

	return {
		token: accessToken,
	};
});
Implement MiAuth 2020-03-28 04:24:37 +02:00			`import $ from 'cafy';`
fix: mochaが動かないため拡張子なしに戻した 2021-08-19 15:55:45 +03:00			`import define from '../../define';`
			`import { AccessTokens } from '@/models/index';`
			`import { genId } from '@/misc/gen-id';`
			`import { secureRndstr } from '@/misc/secure-rndstr';`
Implement MiAuth 2020-03-28 04:24:37 +02:00
			`export const meta = {`
			`tags: ['auth'],`

			`requireCredential: true as const,`

			`secure: true,`

			`params: {`
			`session: {`
fix lint 2021-12-09 16:58:30 +02:00			`validator: $.nullable.str,`
Implement MiAuth 2020-03-28 04:24:37 +02:00			`},`

			`name: {`
fix lint 2021-12-09 16:58:30 +02:00			`validator: $.nullable.optional.str,`
Implement MiAuth 2020-03-28 04:24:37 +02:00			`},`

			`description: {`
			`validator: $.nullable.optional.str,`
			`},`

			`iconUrl: {`
			`validator: $.nullable.optional.str,`
			`},`

			`permission: {`
			`validator: $.arr($.str).unique(),`
			`},`
			`},`
APIドキュメントの改善 (#6757) * Update api document in admin/announcements * Update api document in announcements * Update api document in i/read-announcements * Update api document in username/available * Update api document & Fix typo in API 403 error * Update api document * Update api document * Update api document * Fix API permission definition * Update api document * Update api document * Update api document * Update api document * Update api document * Update api document * Update api document * Update api document * Fix bug in users (api) * Apply reviews #6757 * Apply reviews #6757 Co-authored-by: syuilo <Syuilotan@yahoo.co.jp> 2021-03-06 15:34:11 +02:00
			`res: {`
			`type: 'object' as const,`
			`optional: false as const, nullable: false as const,`
			`properties: {`
			`token: {`
			`type: 'string' as const,`
fix lint 2021-12-09 16:58:30 +02:00			`optional: false as const, nullable: false as const,`
			`},`
			`},`
			`},`
Implement MiAuth 2020-03-28 04:24:37 +02:00			`};`

lint 2022-01-02 19:12:50 +02:00			`// eslint-disable-next-line import/no-default-export`
Implement MiAuth 2020-03-28 04:24:37 +02:00			`export default define(meta, async (ps, user) => {`
			`// Generate access token`
トークン系の乱数ソースではcryptoを使うように (#6200) 2020-03-29 17:16:36 +03:00			`const accessToken = secureRndstr(32, true);`
Implement MiAuth 2020-03-28 04:24:37 +02:00
enhance(api): アクセストークンを作成する際、createdAtをlastUsedAtを揃えるようにして、未使用かどうかを判定できるように 2020-08-04 17:09:48 +03:00			`const now = new Date();`

Implement MiAuth 2020-03-28 04:24:37 +02:00			`// Insert access token doc`
wip #6441 2021-03-21 14:27:09 +02:00			`await AccessTokens.insert({`
Implement MiAuth 2020-03-28 04:24:37 +02:00			`id: genId(),`
enhance(api): アクセストークンを作成する際、createdAtをlastUsedAtを揃えるようにして、未使用かどうかを判定できるように 2020-08-04 17:09:48 +03:00			`createdAt: now,`
			`lastUsedAt: now,`
Implement MiAuth 2020-03-28 04:24:37 +02:00			`session: ps.session,`
			`userId: user.id,`
			`token: accessToken,`
			`hash: accessToken,`
			`name: ps.name,`
			`description: ps.description,`
			`iconUrl: ps.iconUrl,`
			`permission: ps.permission,`
			`});`
feat: トークン手動発行機能 2020-07-18 06:12:10 +03:00
			`return {`
fix lint 2021-12-09 16:58:30 +02:00			`token: accessToken,`
feat: トークン手動発行機能 2020-07-18 06:12:10 +03:00			`};`
Implement MiAuth 2020-03-28 04:24:37 +02:00			`});`