pangolin_mirror/pangolin
1
0
Fork 0
mirror of https://github.com/fosrl/pangolin.git synced 2026-02-23 21:36:37 +00:00
Code Issues Packages Projects Releases Wiki Activity

Update rekey endpoints and pages

Browse Source
This commit is contained in:
Owen
2025-12-05 18:30:32 -05:00
parent 313d3c72da
commit d1c7832e40
9 changed files with 238 additions and 148 deletions
Download Patch File Download Diff File Expand all files Collapse all files

74
server/private/routers/re-key/reGenerateClientSecret.ts
View File

@@ -13,7 +13,7 @@
import { Request, Response, NextFunction } from "express";
import { z } from "zod";
import { db, olms, } from "@server/db";
import { db, olms } from "@server/db";
import { clients } from "@server/db";
import response from "@server/lib/response";
import HttpCode from "@server/types/HttpCode";
@@ -23,16 +23,16 @@ import { eq, and } from "drizzle-orm";
import { fromError } from "zod-validation-error";
import { OpenAPITags, registry } from "@server/openApi";
import { hashPassword } from "@server/auth/password";
import { disconnectClient, sendToClient } from "#dynamic/routers/ws";
const reGenerateSecretParamsSchema = z.strictObject({
clientId: z.string().transform(Number).pipe(z.int().positive())
});
clientId: z.string().transform(Number).pipe(z.int().positive())
});
const reGenerateSecretBodySchema = z.strictObject({
olmId: z.string().min(1).optional(),
secret: z.string().min(1).optional(),
});
// olmId: z.string().min(1).optional(),
secret: z.string().min(1)
});
export type ReGenerateSecretBody = z.infer<typeof reGenerateSecretBodySchema>;
@@ -54,7 +54,6 @@ registry.registerPath({
responses: {}
});
export async function reGenerateClientSecret(
req: Request,
res: Response,
@@ -71,7 +70,7 @@ export async function reGenerateClientSecret(
);
}
const { olmId, secret } = parsedBody.data;
const { secret } = parsedBody.data;
const parsedParams = reGenerateSecretParamsSchema.safeParse(req.params);
if (!parsedParams.success) {
@@ -85,11 +84,7 @@ export async function reGenerateClientSecret(
const { clientId } = parsedParams.data;
let secretHash = undefined;
if (secret) {
secretHash = await hashPassword(secret);
}
const secretHash = await hashPassword(secret);
// Fetch the client to make sure it exists and the user has access to it
const [client] = await db
@@ -107,24 +102,51 @@ export async function reGenerateClientSecret(
);
}
const [existingOlm] = await db
const existingOlms = await db
.select()
.from(olms)
.where(eq(olms.clientId, clientId))
.limit(1);
.where(eq(olms.clientId, clientId));
if (existingOlm && olmId && secretHash) {
await db
.update(olms)
.set({
olmId,
secretHash
})
.where(eq(olms.clientId, clientId));
if (existingOlms.length === 0) {
return next(
createHttpError(
HttpCode.NOT_FOUND,
`No OLM found for client ID ${clientId}`
)
);
}
if (existingOlms.length > 1) {
return next(
createHttpError(
HttpCode.INTERNAL_SERVER_ERROR,
`Multiple OLM entries found for client ID ${clientId}`
)
);
}
await db
.update(olms)
.set({
secretHash
})
.where(eq(olms.olmId, existingOlms[0].olmId));
const payload = {
type: `olm/terminate`,
data: {}
};
// Don't await this to prevent blocking the response
sendToClient(existingOlms[0].olmId, payload).catch((error) => {
logger.error("Failed to send termination message to olm:", error);
});
disconnectClient(existingOlms[0].olmId).catch((error) => {
logger.error("Failed to disconnect olm after re-key:", error);
});
return response(res, {
data: existingOlm,
data: existingOlms,
success: true,
error: false,
message: "Credentials regenerated successfully",