Sharkey/src/server/api/endpoints/miauth/gen-token.ts

import $ from 'cafy';
import define from '../../define.js';
import { AccessTokens } from '@/models/index.js';
import { genId } from '@/misc/gen-id.js';
import { secureRndstr } from '@/misc/secure-rndstr.js';

export const meta = {
	tags: ['auth'],

	requireCredential: true as const,

	secure: true,

	params: {
		session: {
			validator: $.nullable.str
		},

		name: {
			validator: $.nullable.optional.str
		},

		description: {
			validator: $.nullable.optional.str,
		},

		iconUrl: {
			validator: $.nullable.optional.str,
		},

		permission: {
			validator: $.arr($.str).unique(),
		},
	},

	res: {
		type: 'object' as const,
		optional: false as const, nullable: false as const,
		properties: {
			token: {
				type: 'string' as const,
				optional: false as const, nullable: false as const
			}
		}
	}
};

export default define(meta, async (ps, user) => {
	// Generate access token
	const accessToken = secureRndstr(32, true);

	const now = new Date();

	// Insert access token doc
	await AccessTokens.insert({
		id: genId(),
		createdAt: now,
		lastUsedAt: now,
		session: ps.session,
		userId: user.id,
		token: accessToken,
		hash: accessToken,
		name: ps.name,
		description: ps.description,
		iconUrl: ps.iconUrl,
		permission: ps.permission,
	});

	return {
		token: accessToken
	};
});
Implement MiAuth 2020-03-28 04:24:37 +02:00			`import $ from 'cafy';`
refactor: refactoring imports 将来ESMに移行しやすいように Related: #7658 なんかmochaが起動しなくなってるけど理由不明すぐ直したい 2021-08-19 12:33:41 +03:00			`import define from '../../define.js';`
			`import { AccessTokens } from '@/models/index.js';`
			`import { genId } from '@/misc/gen-id.js';`
			`import { secureRndstr } from '@/misc/secure-rndstr.js';`
Implement MiAuth 2020-03-28 04:24:37 +02:00
			`export const meta = {`
			`tags: ['auth'],`

			`requireCredential: true as const,`

			`secure: true,`

			`params: {`
			`session: {`
feat: トークン手動発行機能 2020-07-18 06:12:10 +03:00			`validator: $.nullable.str`
Implement MiAuth 2020-03-28 04:24:37 +02:00			`},`

			`name: {`
			`validator: $.nullable.optional.str`
			`},`

			`description: {`
			`validator: $.nullable.optional.str,`
			`},`

			`iconUrl: {`
			`validator: $.nullable.optional.str,`
			`},`

			`permission: {`
			`validator: $.arr($.str).unique(),`
			`},`
			`},`
APIドキュメントの改善 (#6757) * Update api document in admin/announcements * Update api document in announcements * Update api document in i/read-announcements * Update api document in username/available * Update api document & Fix typo in API 403 error * Update api document * Update api document * Update api document * Fix API permission definition * Update api document * Update api document * Update api document * Update api document * Update api document * Update api document * Update api document * Update api document * Fix bug in users (api) * Apply reviews #6757 * Apply reviews #6757 Co-authored-by: syuilo <Syuilotan@yahoo.co.jp> 2021-03-06 15:34:11 +02:00
			`res: {`
			`type: 'object' as const,`
			`optional: false as const, nullable: false as const,`
			`properties: {`
			`token: {`
			`type: 'string' as const,`
			`optional: false as const, nullable: false as const`
			`}`
			`}`
			`}`
Implement MiAuth 2020-03-28 04:24:37 +02:00			`};`

			`export default define(meta, async (ps, user) => {`
			`// Generate access token`
トークン系の乱数ソースではcryptoを使うように (#6200) 2020-03-29 17:16:36 +03:00			`const accessToken = secureRndstr(32, true);`
Implement MiAuth 2020-03-28 04:24:37 +02:00
enhance(api): アクセストークンを作成する際、createdAtをlastUsedAtを揃えるようにして、未使用かどうかを判定できるように 2020-08-04 17:09:48 +03:00			`const now = new Date();`

Implement MiAuth 2020-03-28 04:24:37 +02:00			`// Insert access token doc`
wip #6441 2021-03-21 14:27:09 +02:00			`await AccessTokens.insert({`
Implement MiAuth 2020-03-28 04:24:37 +02:00			`id: genId(),`
enhance(api): アクセストークンを作成する際、createdAtをlastUsedAtを揃えるようにして、未使用かどうかを判定できるように 2020-08-04 17:09:48 +03:00			`createdAt: now,`
			`lastUsedAt: now,`
Implement MiAuth 2020-03-28 04:24:37 +02:00			`session: ps.session,`
			`userId: user.id,`
			`token: accessToken,`
			`hash: accessToken,`
			`name: ps.name,`
			`description: ps.description,`
			`iconUrl: ps.iconUrl,`
			`permission: ps.permission,`
			`});`
feat: トークン手動発行機能 2020-07-18 06:12:10 +03:00
			`return {`
			`token: accessToken`
			`};`
Implement MiAuth 2020-03-28 04:24:37 +02:00			`});`