api Controller & token

2025-01-21 13:54:52 +01:00 · 2025-01-21 13:54:52 +01:00 · 4568bef10e
commit 4568bef10e
parent 36ecccd0dc
8 changed files with 115 additions and 5 deletions
--- a/src/controller/admin/user/apiController.ts
+++ b/src/controller/admin/user/apiController.ts
@ -7,6 +7,9 @@ import { CreateApiCommand, DeleteApiCommand, UpdateApiCommand } from "../../../c
 import ApiCommandHandler from "../../../command/user/api/apiCommandHandler";
 import { UpdateApiPermissionsCommand } from "../../../command/user/api/apiPermissionCommand";
 import ApiPermissionCommandHandler from "../../../command/user/api/apiPermissionCommandHandler";
+import { JWTHelper } from "../../../helpers/jwtHelper";
+import { CLUB_NAME } from "../../../env.defaults";
+import { StringHelper } from "../../../helpers/stringHelper";

 /**
 * @description get All apis
@ -69,10 +72,15 @@ export async function createApi(req: Request, res: Response): Promise<any> {
  let title = req.body.title;
  let expiry = req.body.expiry;

-  // TODO: create jwt as token to prevent random string tests
+  let token = await JWTHelper.create({
+    iss: CLUB_NAME,
+    sub: "api_token_retrieve",
+    iat: new Date().toISOString(),
+    aud: StringHelper.random(32),
+  });

  let createApi: CreateApiCommand = {
-    token: "",
+    token: token,
    title: title,
    expiry: expiry,
  };
--- a/src/controller/apiController.ts
+++ b/src/controller/apiController.ts
@ -0,0 +1,34 @@
+import { Request, Response } from "express";
+import { JWTHelper } from "../helpers/jwtHelper";
+import { JWTToken } from "../type/jwtTypes";
+import InternalException from "../exceptions/internalException";
+import RefreshCommandHandler from "../command/refreshCommandHandler";
+import { CreateRefreshCommand, DeleteRefreshCommand } from "../command/refreshCommand";
+import UserService from "../service/user/userService";
+import speakeasy from "speakeasy";
+import UnauthorizedRequestException from "../exceptions/unauthorizedRequestException";
+import RefreshService from "../service/refreshService";
+import ApiService from "../service/user/apiService";
+import ForbiddenRequestException from "../exceptions/forbiddenRequestException";
+
+/**
+ * @description Check authentication status by token
+ * @param req {Request} Express req object
+ * @param res {Response} Express res object
+ * @returns {Promise<*>}
+ */
+export async function getAccess(req: Request, res: Response): Promise<any> {
+  const bearer = req.headers.authorization?.split(" ")?.[1] ?? undefined;
+
+  let { expiry } = await ApiService.getByToken(bearer);
+
+  if (new Date() > new Date(expiry)) {
+    throw new ForbiddenRequestException("api token expired");
+  }
+
+  let accessToken = await JWTHelper.buildApiToken(bearer);
+
+  res.json({
+    accessToken,
+  });
+}