jwt gen & rename fixes
This commit is contained in:
parent
313785b4ac
commit
a165231c47
13 changed files with 101 additions and 41 deletions
|
@ -33,7 +33,10 @@ export default abstract class MemberCommandHandler {
|
|||
return result.identifiers[0].id;
|
||||
})
|
||||
.catch((err) => {
|
||||
throw new InternalException("Failed creating member", err);
|
||||
throw new InternalException(
|
||||
`Failed creating member${err.code.includes("ER_DUP_ENTRY") ? " due to duplicate entry for column" : ""}`,
|
||||
err
|
||||
);
|
||||
});
|
||||
}
|
||||
|
||||
|
@ -58,7 +61,10 @@ export default abstract class MemberCommandHandler {
|
|||
.execute()
|
||||
.then(() => {})
|
||||
.catch((err) => {
|
||||
throw new InternalException("Failed updating member", err);
|
||||
throw new InternalException(
|
||||
`Failed updating member${err.code.includes("ER_DUP_ENTRY") ? " due to duplicate entry for column" : ""}`,
|
||||
err
|
||||
);
|
||||
});
|
||||
}
|
||||
|
||||
|
@ -83,7 +89,7 @@ export default abstract class MemberCommandHandler {
|
|||
.execute()
|
||||
.then(() => {})
|
||||
.catch((err) => {
|
||||
throw new InternalException("Failed updating member", err);
|
||||
throw new InternalException(`Failed updating member`, err);
|
||||
});
|
||||
}
|
||||
|
||||
|
|
|
@ -10,6 +10,10 @@ export interface UpdateWebapiCommand {
|
|||
expiry?: Date;
|
||||
}
|
||||
|
||||
export interface UpdateLastUsageWebapiCommand {
|
||||
id: number;
|
||||
}
|
||||
|
||||
export interface DeleteWebapiCommand {
|
||||
id: number;
|
||||
}
|
||||
|
|
|
@ -1,7 +1,12 @@
|
|||
import { dataSource } from "../../../data-source";
|
||||
import { webapi } from "../../../entity/user/webapi";
|
||||
import InternalException from "../../../exceptions/internalException";
|
||||
import { CreateWebapiCommand, DeleteWebapiCommand, UpdateWebapiCommand } from "./webapiCommand";
|
||||
import {
|
||||
CreateWebapiCommand,
|
||||
DeleteWebapiCommand,
|
||||
UpdateLastUsageWebapiCommand,
|
||||
UpdateWebapiCommand,
|
||||
} from "./webapiCommand";
|
||||
|
||||
export default abstract class WebapiCommandHandler {
|
||||
/**
|
||||
|
@ -24,7 +29,10 @@ export default abstract class WebapiCommandHandler {
|
|||
return result.identifiers[0].token;
|
||||
})
|
||||
.catch((err) => {
|
||||
throw new InternalException("Failed creating api", err);
|
||||
throw new InternalException(
|
||||
`Failed creating api${err.code.includes("ER_DUP_ENTRY") ? " due to duplicate entry for column" : ""}`,
|
||||
err
|
||||
);
|
||||
});
|
||||
}
|
||||
|
||||
|
@ -45,7 +53,30 @@ export default abstract class WebapiCommandHandler {
|
|||
.execute()
|
||||
.then(() => {})
|
||||
.catch((err) => {
|
||||
throw new InternalException("Failed updating api", err);
|
||||
throw new InternalException(
|
||||
`Failed updating api${err.code.includes("ER_DUP_ENTRY") ? " due to duplicate entry for column" : ""}`,
|
||||
err
|
||||
);
|
||||
});
|
||||
}
|
||||
|
||||
/**
|
||||
* @description update api usage
|
||||
* @param {UpdateLastUsageWebapiCommand} updateWebapi
|
||||
* @returns {Promise<void>}
|
||||
*/
|
||||
static async updateUsage(updateWebapi: UpdateLastUsageWebapiCommand): Promise<void> {
|
||||
return await dataSource
|
||||
.createQueryBuilder()
|
||||
.update(webapi)
|
||||
.set({
|
||||
lastUsage: new Date(),
|
||||
})
|
||||
.where("id = :id", { id: updateWebapi.id })
|
||||
.execute()
|
||||
.then(() => {})
|
||||
.catch((err) => {
|
||||
throw new InternalException(`Failed updating api last usage`, err);
|
||||
});
|
||||
}
|
||||
|
||||
|
|
|
@ -2,15 +2,15 @@ import { PermissionString } from "../../../type/permissionTypes";
|
|||
|
||||
export interface CreateWebapiPermissionCommand {
|
||||
permission: PermissionString;
|
||||
apiId: number;
|
||||
webapiId: number;
|
||||
}
|
||||
|
||||
export interface DeleteWebapiPermissionCommand {
|
||||
permission: PermissionString;
|
||||
apiId: number;
|
||||
webapiId: number;
|
||||
}
|
||||
|
||||
export interface UpdateWebapiPermissionsCommand {
|
||||
apiId: number;
|
||||
webapiId: number;
|
||||
permissions: Array<PermissionString>;
|
||||
}
|
||||
|
|
|
@ -19,7 +19,7 @@ export default abstract class WebapiPermissionCommandHandler {
|
|||
* @returns {Promise<void>}
|
||||
*/
|
||||
static async updatePermissions(updateWebapiPermissions: UpdateWebapiPermissionsCommand): Promise<void> {
|
||||
let currentPermissions = (await WebapiPermissionService.getByApi(updateWebapiPermissions.apiId)).map(
|
||||
let currentPermissions = (await WebapiPermissionService.getByApi(updateWebapiPermissions.webapiId)).map(
|
||||
(r) => r.permission
|
||||
);
|
||||
return await dataSource.manager
|
||||
|
@ -30,10 +30,10 @@ export default abstract class WebapiPermissionCommandHandler {
|
|||
updateWebapiPermissions.permissions
|
||||
);
|
||||
if (newPermissions.length != 0) {
|
||||
await this.updatePermissionsAdd(manager, updateWebapiPermissions.apiId, newPermissions);
|
||||
await this.updatePermissionsAdd(manager, updateWebapiPermissions.webapiId, newPermissions);
|
||||
}
|
||||
if (removePermissions.length != 0) {
|
||||
await this.updatePermissionsRemove(manager, updateWebapiPermissions.apiId, removePermissions);
|
||||
await this.updatePermissionsRemove(manager, updateWebapiPermissions.webapiId, removePermissions);
|
||||
}
|
||||
})
|
||||
.then(() => {})
|
||||
|
@ -54,7 +54,7 @@ export default abstract class WebapiPermissionCommandHandler {
|
|||
.values(
|
||||
permissions.map((p) => ({
|
||||
permission: p,
|
||||
apiId: webapiId,
|
||||
webapiId: webapiId,
|
||||
}))
|
||||
)
|
||||
.orIgnore()
|
||||
|
@ -87,7 +87,7 @@ export default abstract class WebapiPermissionCommandHandler {
|
|||
.into(webapiPermission)
|
||||
.values({
|
||||
permission: createPermission.permission,
|
||||
webapiId: createPermission.apiId,
|
||||
webapiId: createPermission.webapiId,
|
||||
})
|
||||
.execute()
|
||||
.then((result) => {
|
||||
|
@ -108,7 +108,7 @@ export default abstract class WebapiPermissionCommandHandler {
|
|||
.createQueryBuilder()
|
||||
.delete()
|
||||
.from(webapiPermission)
|
||||
.where("webapiId = :id", { id: deletePermission.apiId })
|
||||
.where("webapiId = :id", { id: deletePermission.webapiId })
|
||||
.andWhere("permission = :permission", { permission: deletePermission.permission })
|
||||
.execute()
|
||||
.then(() => {})
|
||||
|
|
|
@ -74,14 +74,16 @@ export async function getWebapiPermissions(req: Request, res: Response): Promise
|
|||
*/
|
||||
export async function createWebapi(req: Request, res: Response): Promise<any> {
|
||||
let title = req.body.title;
|
||||
let expiry = req.body.expiry;
|
||||
let expiry = req.body.expiry || null;
|
||||
|
||||
let token = await JWTHelper.create({
|
||||
iss: CLUB_NAME,
|
||||
sub: "api_token_retrieve",
|
||||
iat: new Date().toISOString(),
|
||||
aud: StringHelper.random(32),
|
||||
});
|
||||
let token = await JWTHelper.create(
|
||||
{
|
||||
iss: CLUB_NAME,
|
||||
sub: "api_token_retrieve",
|
||||
aud: StringHelper.random(32),
|
||||
},
|
||||
{ useExpiration: false }
|
||||
);
|
||||
|
||||
let createApi: CreateWebapiCommand = {
|
||||
token: token,
|
||||
|
@ -102,7 +104,7 @@ export async function createWebapi(req: Request, res: Response): Promise<any> {
|
|||
export async function updateWebapi(req: Request, res: Response): Promise<any> {
|
||||
const id = parseInt(req.params.id);
|
||||
let title = req.body.title;
|
||||
let expiry = req.body.expiry;
|
||||
let expiry = req.body.expiry || null;
|
||||
|
||||
let updateApi: UpdateWebapiCommand = {
|
||||
id: id,
|
||||
|
@ -127,7 +129,7 @@ export async function updateWebapiPermissions(req: Request, res: Response): Prom
|
|||
let permissionStrings = PermissionHelper.convertToStringArray(permissions);
|
||||
|
||||
let updateApiPermissions: UpdateWebapiPermissionsCommand = {
|
||||
apiId: id,
|
||||
webapiId: id,
|
||||
permissions: permissionStrings,
|
||||
};
|
||||
await WebapiPermissionCommandHandler.updatePermissions(updateApiPermissions);
|
||||
|
|
|
@ -10,6 +10,7 @@ import UnauthorizedRequestException from "../exceptions/unauthorizedRequestExcep
|
|||
import RefreshService from "../service/refreshService";
|
||||
import WebapiService from "../service/user/webapiService";
|
||||
import ForbiddenRequestException from "../exceptions/forbiddenRequestException";
|
||||
import WebapiCommandHandler from "../command/user/webapi/webapiCommandHandler";
|
||||
|
||||
/**
|
||||
* @description Check authentication status by token
|
||||
|
@ -20,13 +21,15 @@ import ForbiddenRequestException from "../exceptions/forbiddenRequestException";
|
|||
export async function getWebApiAccess(req: Request, res: Response): Promise<any> {
|
||||
const bearer = req.headers.authorization?.split(" ")?.[1] ?? undefined;
|
||||
|
||||
let { expiry } = await WebapiService.getByToken(bearer);
|
||||
let { id, expiry } = await WebapiService.getByToken(bearer);
|
||||
|
||||
if (new Date() > new Date(expiry)) {
|
||||
if (expiry != null && new Date() > new Date(expiry)) {
|
||||
throw new ForbiddenRequestException("api token expired");
|
||||
}
|
||||
|
||||
let accessToken = await JWTHelper.buildWebapiToken(bearer);
|
||||
await WebapiCommandHandler.updateUsage({ id });
|
||||
|
||||
let accessToken = await JWTHelper.buildWebapiToken(bearer, expiry);
|
||||
|
||||
res.json({
|
||||
accessToken,
|
||||
|
|
|
@ -6,10 +6,10 @@ export class webapi {
|
|||
@PrimaryColumn({ generated: "increment", type: "int" })
|
||||
id: number;
|
||||
|
||||
@Column({ type: "varchar", length: 255, unique: true, select: false })
|
||||
@Column({ type: "text", unique: true, select: false })
|
||||
token: string;
|
||||
|
||||
@Column({ type: "varchar", length: 255 })
|
||||
@Column({ type: "varchar", length: 255, unique: true })
|
||||
title: string;
|
||||
|
||||
@CreateDateColumn()
|
||||
|
@ -18,7 +18,7 @@ export class webapi {
|
|||
@Column({ type: "datetime", nullable: true })
|
||||
lastUsage?: Date;
|
||||
|
||||
@Column({ type: "datetime", nullable: true })
|
||||
@Column({ type: "date", nullable: true })
|
||||
expiry?: Date;
|
||||
|
||||
@OneToMany(() => webapiPermission, (apiPermission) => apiPermission.webapi)
|
||||
|
|
|
@ -8,6 +8,7 @@ import UserService from "../service/user/userService";
|
|||
import PermissionHelper from "./permissionHelper";
|
||||
import WebapiService from "../service/user/webapiService";
|
||||
import WebapiPermissionService from "../service/user/webapiPermissionService";
|
||||
import ms from "ms";
|
||||
|
||||
export abstract class JWTHelper {
|
||||
static validate(token: string): Promise<string | jwt.JwtPayload> {
|
||||
|
@ -19,13 +20,16 @@ export abstract class JWTHelper {
|
|||
});
|
||||
}
|
||||
|
||||
static create(data: JWTData): Promise<string> {
|
||||
static create(
|
||||
data: JWTData,
|
||||
{ expOverwrite, useExpiration }: { expOverwrite?: number; useExpiration?: boolean } = { useExpiration: true }
|
||||
): Promise<string> {
|
||||
return new Promise<string>((resolve, reject) => {
|
||||
jwt.sign(
|
||||
data,
|
||||
JWT_SECRET,
|
||||
{
|
||||
expiresIn: JWT_EXPIRATION,
|
||||
...(useExpiration ?? true ? { expiresIn: expOverwrite ?? JWT_EXPIRATION } : {}),
|
||||
},
|
||||
(err, token) => {
|
||||
if (err) reject(err.message);
|
||||
|
@ -75,7 +79,7 @@ export abstract class JWTHelper {
|
|||
});
|
||||
}
|
||||
|
||||
static async buildWebapiToken(token: string): Promise<string> {
|
||||
static async buildWebapiToken(token: string, expiration?: Date): Promise<string> {
|
||||
let { id, title } = await WebapiService.getByToken(token);
|
||||
let webapiPermissions = await WebapiPermissionService.getByApi(id);
|
||||
let webapiPermissionStrings = webapiPermissions.map((e) => e.permission);
|
||||
|
@ -92,7 +96,12 @@ export abstract class JWTHelper {
|
|||
sub: "webapi_access_token",
|
||||
};
|
||||
|
||||
return await JWTHelper.create(jwtData)
|
||||
let overwriteExpiration =
|
||||
ms(JWT_EXPIRATION) < new Date().getTime() - new Date(expiration).getTime()
|
||||
? null
|
||||
: Date.now() - new Date(expiration).getTime();
|
||||
|
||||
return await JWTHelper.create(jwtData, { expOverwrite: overwriteExpiration, useExpiration: true })
|
||||
.then((result) => {
|
||||
return result;
|
||||
})
|
||||
|
|
|
@ -12,11 +12,11 @@ export class AddWebapiTokens1737453096674 implements MigrationInterface {
|
|||
name: "webapi",
|
||||
columns: [
|
||||
{ name: "id", type: variableType_int, isPrimary: true, isGenerated: true, generationStrategy: "increment" },
|
||||
{ name: "token", type: "varchar", length: "255", isUnique: true, isNullable: false },
|
||||
{ name: "title", type: "varchar", length: "255", isNullable: false },
|
||||
{ name: "token", type: "text", isUnique: true, isNullable: false },
|
||||
{ name: "title", type: "varchar", isUnique: true, length: "255", isNullable: false },
|
||||
{ name: "createdAt", type: "datetime", default: "CURRENT_TIMESTAMP(6)", isNullable: false },
|
||||
{ name: "lastUsage", type: "datetime", isNullable: true, default: null },
|
||||
{ name: "expiry", type: "datetime", isNullable: true, default: null },
|
||||
{ name: "expiry", type: "date", isNullable: true, default: null },
|
||||
],
|
||||
}),
|
||||
true
|
||||
|
|
|
@ -6,6 +6,7 @@ import {
|
|||
getAllWebapis,
|
||||
getWebapiById,
|
||||
getWebapiPermissions,
|
||||
getWebapiTokenById,
|
||||
updateWebapi,
|
||||
updateWebapiPermissions,
|
||||
} from "../../../controller/admin/user/webapiController";
|
||||
|
@ -20,6 +21,10 @@ router.get("/:id", async (req: Request, res: Response) => {
|
|||
await getWebapiById(req, res);
|
||||
});
|
||||
|
||||
router.get("/:id/token", async (req: Request, res: Response) => {
|
||||
await getWebapiTokenById(req, res);
|
||||
});
|
||||
|
||||
router.get("/:id/permissions", async (req: Request, res: Response) => {
|
||||
await getWebapiPermissions(req, res);
|
||||
});
|
||||
|
|
|
@ -11,14 +11,14 @@ export default abstract class WebapiPermissionService {
|
|||
static async getByApi(webapiId: number): Promise<Array<webapiPermission>> {
|
||||
return await dataSource
|
||||
.getRepository(webapiPermission)
|
||||
.createQueryBuilder("api_permission")
|
||||
.where("api_permission.apiId = :apiId", { apiId: webapiId })
|
||||
.createQueryBuilder("webapi_permission")
|
||||
.where("webapi_permission.webapiId = :webapiId", { webapiId: webapiId })
|
||||
.getMany()
|
||||
.then((res) => {
|
||||
return res;
|
||||
})
|
||||
.catch((err) => {
|
||||
throw new InternalException("api permissions not found by api", err);
|
||||
throw new InternalException("webapi permissions not found by api", err);
|
||||
});
|
||||
}
|
||||
}
|
||||
|
|
|
@ -70,7 +70,7 @@ export default abstract class WebapiService {
|
|||
return await dataSource
|
||||
.getRepository(webapi)
|
||||
.createQueryBuilder("webapi")
|
||||
.select("token")
|
||||
.select("webapi.token")
|
||||
.where("webapi.id = :id", { id: id })
|
||||
.getOneOrFail()
|
||||
.then((res) => {
|
||||
|
|
Loading…
Reference in a new issue