jwt gen & rename fixes

2025-01-22 11:57:19 +01:00 · 2025-01-22 11:57:19 +01:00 · a165231c47
commit a165231c47
parent 313785b4ac
13 changed files with 101 additions and 41 deletions
--- a/src/controller/admin/user/webapiController.ts
+++ b/src/controller/admin/user/webapiController.ts
@ -74,14 +74,16 @@ export async function getWebapiPermissions(req: Request, res: Response): Promise
 */
 export async function createWebapi(req: Request, res: Response): Promise<any> {
  let title = req.body.title;
-  let expiry = req.body.expiry;
+  let expiry = req.body.expiry || null;

-  let token = await JWTHelper.create({
-    iss: CLUB_NAME,
-    sub: "api_token_retrieve",
-    iat: new Date().toISOString(),
-    aud: StringHelper.random(32),
-  });
+  let token = await JWTHelper.create(
+    {
+      iss: CLUB_NAME,
+      sub: "api_token_retrieve",
+      aud: StringHelper.random(32),
+    },
+    { useExpiration: false }
+  );

  let createApi: CreateWebapiCommand = {
    token: token,
@ -102,7 +104,7 @@ export async function createWebapi(req: Request, res: Response): Promise<any> {
 export async function updateWebapi(req: Request, res: Response): Promise<any> {
  const id = parseInt(req.params.id);
  let title = req.body.title;
-  let expiry = req.body.expiry;
+  let expiry = req.body.expiry || null;

  let updateApi: UpdateWebapiCommand = {
    id: id,
@ -127,7 +129,7 @@ export async function updateWebapiPermissions(req: Request, res: Response): Prom
  let permissionStrings = PermissionHelper.convertToStringArray(permissions);

  let updateApiPermissions: UpdateWebapiPermissionsCommand = {
-    apiId: id,
+    webapiId: id,
    permissions: permissionStrings,
  };
  await WebapiPermissionCommandHandler.updatePermissions(updateApiPermissions);
--- a/src/controller/webapiController.ts
+++ b/src/controller/webapiController.ts
@ -10,6 +10,7 @@ import UnauthorizedRequestException from "../exceptions/unauthorizedRequestExcep
 import RefreshService from "../service/refreshService";
 import WebapiService from "../service/user/webapiService";
 import ForbiddenRequestException from "../exceptions/forbiddenRequestException";
+import WebapiCommandHandler from "../command/user/webapi/webapiCommandHandler";

 /**
 * @description Check authentication status by token
@ -20,13 +21,15 @@ import ForbiddenRequestException from "../exceptions/forbiddenRequestException";
 export async function getWebApiAccess(req: Request, res: Response): Promise<any> {
  const bearer = req.headers.authorization?.split(" ")?.[1] ?? undefined;

-  let { expiry } = await WebapiService.getByToken(bearer);
+  let { id, expiry } = await WebapiService.getByToken(bearer);

-  if (new Date() > new Date(expiry)) {
+  if (expiry != null && new Date() > new Date(expiry)) {
    throw new ForbiddenRequestException("api token expired");
  }

-  let accessToken = await JWTHelper.buildWebapiToken(bearer);
+  await WebapiCommandHandler.updateUsage({ id });
+
+  let accessToken = await JWTHelper.buildWebapiToken(bearer, expiry);

  res.json({
    accessToken,