なんかもうめっちゃ変えた
@@ -1,9 +1,11 @@
|
||||
import * as crypto from 'node:crypto';
|
||||
import define from '../../define.js';
|
||||
import { ApiError } from '../../error.js';
|
||||
import { AuthSessions, AccessTokens, Apps } from '@/models/index.js';
|
||||
import { genId } from '@/misc/gen-id.js';
|
||||
import { Inject, Injectable } from '@nestjs/common';
|
||||
import { Endpoint } from '@/server/api/endpoint-base.js';
|
||||
import { AuthSessionsRepository, AppsRepository, AccessTokensRepository } from '@/models/index.js';
|
||||
import { IdService } from '@/core/IdService.js';
|
||||
import { secureRndstr } from '@/misc/secure-rndstr.js';
|
||||
import { DI } from '@/di-symbols.js';
|
||||
import { ApiError } from '../../error.js';
|
||||
|
||||
export const meta = {
|
||||
tags: ['auth'],
|
||||
@@ -30,49 +32,65 @@ export const paramDef = {
|
||||
} as const;
|
||||
|
||||
// eslint-disable-next-line import/no-default-export
|
||||
export default define(meta, paramDef, async (ps, user) => {
|
||||
// Fetch token
|
||||
const session = await AuthSessions
|
||||
.findOneBy({ token: ps.token });
|
||||
@Injectable()
|
||||
export default class extends Endpoint<typeof meta, typeof paramDef> {
|
||||
constructor(
|
||||
@Inject(DI.appsRepository)
|
||||
private appsRepository: AppsRepository,
|
||||
|
||||
if (session == null) {
|
||||
throw new ApiError(meta.errors.noSuchSession);
|
||||
}
|
||||
@Inject(DI.authSessionsRepository)
|
||||
private authSessionsRepository: AuthSessionsRepository,
|
||||
|
||||
// Generate access token
|
||||
const accessToken = secureRndstr(32, true);
|
||||
@Inject(DI.accessTokensRepository)
|
||||
private accessTokensRepository: AccessTokensRepository,
|
||||
|
||||
// Fetch exist access token
|
||||
const exist = await AccessTokens.findOneBy({
|
||||
appId: session.appId,
|
||||
userId: user.id,
|
||||
});
|
||||
private idService: IdService,
|
||||
) {
|
||||
super(meta, paramDef, async (ps, me) => {
|
||||
// Fetch token
|
||||
const session = await this.authSessionsRepository
|
||||
.findOneBy({ token: ps.token });
|
||||
|
||||
if (exist == null) {
|
||||
// Lookup app
|
||||
const app = await Apps.findOneByOrFail({ id: session.appId });
|
||||
if (session == null) {
|
||||
throw new ApiError(meta.errors.noSuchSession);
|
||||
}
|
||||
|
||||
// Generate Hash
|
||||
const sha256 = crypto.createHash('sha256');
|
||||
sha256.update(accessToken + app.secret);
|
||||
const hash = sha256.digest('hex');
|
||||
// Generate access token
|
||||
const accessToken = secureRndstr(32, true);
|
||||
|
||||
const now = new Date();
|
||||
// Fetch exist access token
|
||||
const exist = await this.accessTokensRepository.findOneBy({
|
||||
appId: session.appId,
|
||||
userId: me.id,
|
||||
});
|
||||
|
||||
// Insert access token doc
|
||||
await AccessTokens.insert({
|
||||
id: genId(),
|
||||
createdAt: now,
|
||||
lastUsedAt: now,
|
||||
appId: session.appId,
|
||||
userId: user.id,
|
||||
token: accessToken,
|
||||
hash: hash,
|
||||
if (exist == null) {
|
||||
// Lookup app
|
||||
const app = await this.appsRepository.findOneByOrFail({ id: session.appId });
|
||||
|
||||
// Generate Hash
|
||||
const sha256 = crypto.createHash('sha256');
|
||||
sha256.update(accessToken + app.secret);
|
||||
const hash = sha256.digest('hex');
|
||||
|
||||
const now = new Date();
|
||||
|
||||
// Insert access token doc
|
||||
await this.accessTokensRepository.insert({
|
||||
id: this.idService.genId(),
|
||||
createdAt: now,
|
||||
lastUsedAt: now,
|
||||
appId: session.appId,
|
||||
userId: me.id,
|
||||
token: accessToken,
|
||||
hash: hash,
|
||||
});
|
||||
}
|
||||
|
||||
// Update session
|
||||
await this.authSessionsRepository.update(session.id, {
|
||||
userId: me.id,
|
||||
});
|
||||
});
|
||||
}
|
||||
|
||||
// Update session
|
||||
await AuthSessions.update(session.id, {
|
||||
userId: user.id,
|
||||
});
|
||||
});
|
||||
}
|
||||
|
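Review bot: The new handler binds the session to `me.id` as soon as the token matches, with no check that `session.userId` is still unset, so a session one account has already accepted can be accepted again by another logged-in account and its `userId` overwritten. A guard right after the `session == null` check would close that, for example `if (session.userId != null) throw new ApiError(meta.errors.noSuchSession);`. The same spot is where a maximum age against the session's `createdAt` could be enforced; whether expiry is handled elsewhere is not visible from this hunk. Separately, `secureRndstr(32, true)` runs before the `exist` lookup although its result is only used when `exist == null`, so it can move inside that branch.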
@@ -1,9 +1,11 @@
|
||||
import { v4 as uuid } from 'uuid';
|
||||
import config from '@/config/index.js';
|
||||
import define from '../../../define.js';
|
||||
import { Inject, Injectable } from '@nestjs/common';
|
||||
import { Endpoint } from '@/server/api/endpoint-base.js';
|
||||
import { AppsRepository, AuthSessionsRepository } from '@/models/index.js';
|
||||
import { IdService } from '@/core/IdService.js';
|
||||
import { Config } from '@/config.js';
|
||||
import { DI } from '@/di-symbols.js';
|
||||
import { ApiError } from '../../../error.js';
|
||||
import { Apps, AuthSessions } from '@/models/index.js';
|
||||
import { genId } from '@/misc/gen-id.js';
|
||||
|
||||
export const meta = {
|
||||
tags: ['auth'],
|
||||
@@ -44,29 +46,45 @@ export const paramDef = {
|
||||
} as const;
|
||||
|
||||
// eslint-disable-next-line import/no-default-export
|
||||
export default define(meta, paramDef, async (ps) => {
|
||||
// Lookup app
|
||||
const app = await Apps.findOneBy({
|
||||
secret: ps.appSecret,
|
||||
});
|
||||
@Injectable()
|
||||
export default class extends Endpoint<typeof meta, typeof paramDef> {
|
||||
constructor(
|
||||
@Inject(DI.config)
|
||||
private config: Config,
|
||||
|
||||
if (app == null) {
|
||||
throw new ApiError(meta.errors.noSuchApp);
|
||||
@Inject(DI.appsRepository)
|
||||
private appsRepository: AppsRepository,
|
||||
|
||||
@Inject(DI.authSessionsRepository)
|
||||
private authSessionsRepository: AuthSessionsRepository,
|
||||
|
||||
private idService: IdService,
|
||||
) {
|
||||
super(meta, paramDef, async (ps, me) => {
|
||||
// Lookup app
|
||||
const app = await this.appsRepository.findOneBy({
|
||||
secret: ps.appSecret,
|
||||
});
|
||||
|
||||
if (app == null) {
|
||||
throw new ApiError(meta.errors.noSuchApp);
|
||||
}
|
||||
|
||||
// Generate token
|
||||
const token = uuid();
|
||||
|
||||
// Create session token document
|
||||
const doc = await this.authSessionsRepository.insert({
|
||||
id: this.idService.genId(),
|
||||
createdAt: new Date(),
|
||||
appId: app.id,
|
||||
token: token,
|
||||
}).then(x => this.authSessionsRepository.findOneByOrFail(x.identifiers[0]));
|
||||
|
||||
return {
|
||||
token: doc.token,
|
||||
url: `${this.config.authUrl}/${doc.token}`,
|
||||
};
|
||||
});
|
||||
}
|
||||
|
||||
// Generate token
|
||||
const token = uuid();
|
||||
|
||||
// Create session token document
|
||||
const doc = await AuthSessions.insert({
|
||||
id: genId(),
|
||||
createdAt: new Date(),
|
||||
appId: app.id,
|
||||
token: token,
|
||||
}).then(x => AuthSessions.findOneByOrFail(x.identifiers[0]));
|
||||
|
||||
return {
|
||||
token: doc.token,
|
||||
url: `${config.authUrl}/${doc.token}`,
|
||||
};
|
||||
});
|
||||
}
|
||||
|
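Review bot: The session insert mixes `await` with a `.then` chain, and the handler declares a `me` parameter it never reads, which makes the new constructor body harder to follow than it needs to be. Two awaited statements read more directly: `const inserted = await this.authSessionsRepository.insert({ ... });` followed by `const doc = await this.authSessionsRepository.findOneByOrFail(inserted.identifiers[0]);`, and the callback can be `async (ps) =>`. A comment above `const token = uuid();` should also state that this value is the bearer secret for the pending session and is returned inside `url`, so it should be kept out of logs.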
@@ -1,6 +1,9 @@
|
||||
import define from '../../../define.js';
|
||||
import { Inject, Injectable } from '@nestjs/common';
|
||||
import { Endpoint } from '@/server/api/endpoint-base.js';
|
||||
import { AuthSessionsRepository } from '@/models/index.js';
|
||||
import { AuthSessionEntityService } from '@/core/entities/AuthSessionEntityService.js';
|
||||
import { DI } from '@/di-symbols.js';
|
||||
import { ApiError } from '../../../error.js';
|
||||
import { AuthSessions } from '@/models/index.js';
|
||||
|
||||
export const meta = {
|
||||
tags: ['auth'],
|
||||
@@ -46,15 +49,25 @@ export const paramDef = {
|
||||
} as const;
|
||||
|
||||
// eslint-disable-next-line import/no-default-export
|
||||
export default define(meta, paramDef, async (ps, user) => {
|
||||
// Lookup session
|
||||
const session = await AuthSessions.findOneBy({
|
||||
token: ps.token,
|
||||
});
|
||||
@Injectable()
|
||||
export default class extends Endpoint<typeof meta, typeof paramDef> {
|
||||
constructor(
|
||||
@Inject(DI.authSessionsRepository)
|
||||
private authSessionsRepository: AuthSessionsRepository,
|
||||
|
||||
if (session == null) {
|
||||
throw new ApiError(meta.errors.noSuchSession);
|
||||
private authSessionEntityService: AuthSessionEntityService,
|
||||
) {
|
||||
super(meta, paramDef, async (ps, me) => {
|
||||
// Lookup session
|
||||
const session = await this.authSessionsRepository.findOneBy({
|
||||
token: ps.token,
|
||||
});
|
||||
|
||||
if (session == null) {
|
||||
throw new ApiError(meta.errors.noSuchSession);
|
||||
}
|
||||
|
||||
return await this.authSessionEntityService.pack(session, me);
|
||||
});
|
||||
}
|
||||
|
||||
return await AuthSessions.pack(session, user);
|
||||
});
|
||||
}
|
||||
|
@@ -1,6 +1,9 @@
|
||||
import define from '../../../define.js';
|
||||
import { Inject, Injectable } from '@nestjs/common';
|
||||
import { Endpoint } from '@/server/api/endpoint-base.js';
|
||||
import { UsersRepository, AppsRepository, AccessTokensRepository, AuthSessionsRepository } from '@/models/index.js';
|
||||
import { UserEntityService } from '@/core/entities/UserEntityService.js';
|
||||
import { DI } from '@/di-symbols.js';
|
||||
import { ApiError } from '../../../error.js';
|
||||
import { Apps, AuthSessions, AccessTokens, Users } from '@/models/index.js';
|
||||
|
||||
export const meta = {
|
||||
tags: ['auth'],
|
||||
@@ -55,43 +58,62 @@ export const paramDef = {
|
||||
} as const;
|
||||
|
||||
// eslint-disable-next-line import/no-default-export
|
||||
export default define(meta, paramDef, async (ps) => {
|
||||
// Lookup app
|
||||
const app = await Apps.findOneBy({
|
||||
secret: ps.appSecret,
|
||||
});
|
||||
@Injectable()
|
||||
export default class extends Endpoint<typeof meta, typeof paramDef> {
|
||||
constructor(
|
||||
@Inject(DI.usersRepository)
|
||||
private usersRepository: UsersRepository,
|
||||
|
||||
if (app == null) {
|
||||
throw new ApiError(meta.errors.noSuchApp);
|
||||
@Inject(DI.appsRepository)
|
||||
private appsRepository: AppsRepository,
|
||||
|
||||
@Inject(DI.authSessionsRepository)
|
||||
private authSessionsRepository: AuthSessionsRepository,
|
||||
|
||||
@Inject(DI.accessTokensRepository)
|
||||
private accessTokensRepository: AccessTokensRepository,
|
||||
|
||||
private userEntityService: UserEntityService,
|
||||
) {
|
||||
super(meta, paramDef, async (ps, me) => {
|
||||
// Lookup app
|
||||
const app = await this.appsRepository.findOneBy({
|
||||
secret: ps.appSecret,
|
||||
});
|
||||
|
||||
if (app == null) {
|
||||
throw new ApiError(meta.errors.noSuchApp);
|
||||
}
|
||||
|
||||
// Fetch token
|
||||
const session = await this.authSessionsRepository.findOneBy({
|
||||
token: ps.token,
|
||||
appId: app.id,
|
||||
});
|
||||
|
||||
if (session == null) {
|
||||
throw new ApiError(meta.errors.noSuchSession);
|
||||
}
|
||||
|
||||
if (session.userId == null) {
|
||||
throw new ApiError(meta.errors.pendingSession);
|
||||
}
|
||||
|
||||
// Lookup access token
|
||||
const accessToken = await this.accessTokensRepository.findOneByOrFail({
|
||||
appId: app.id,
|
||||
userId: session.userId,
|
||||
});
|
||||
|
||||
// Delete session
|
||||
this.authSessionsRepository.delete(session.id);
|
||||
|
||||
return {
|
||||
accessToken: accessToken.token,
|
||||
user: await this.userEntityService.pack(session.userId, null, {
|
||||
detail: true,
|
||||
}),
|
||||
};
|
||||
});
|
||||
}
|
||||
|
||||
// Fetch token
|
||||
const session = await AuthSessions.findOneBy({
|
||||
token: ps.token,
|
||||
appId: app.id,
|
||||
});
|
||||
|
||||
if (session == null) {
|
||||
throw new ApiError(meta.errors.noSuchSession);
|
||||
}
|
||||
|
||||
if (session.userId == null) {
|
||||
throw new ApiError(meta.errors.pendingSession);
|
||||
}
|
||||
|
||||
// Lookup access token
|
||||
const accessToken = await AccessTokens.findOneByOrFail({
|
||||
appId: app.id,
|
||||
userId: session.userId,
|
||||
});
|
||||
|
||||
// Delete session
|
||||
AuthSessions.delete(session.id);
|
||||
|
||||
return {
|
||||
accessToken: accessToken.token,
|
||||
user: await Users.pack(session.userId, null, {
|
||||
detail: true,
|
||||
}),
|
||||
};
|
||||
});
|
||||
}
|
||||
|
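Review bot: `this.authSessionsRepository.delete(session.id);` is not awaited, so the handler returns the access token whether or not the session row was removed, and a rejected delete becomes an unhandled promise rejection. If the delete fails, the same session token stays redeemable for the access token. Awaiting it makes the one-time use explicit: `await this.authSessionsRepository.delete(session.id);`. The `me` parameter of the callback is unused here and can be dropped.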