Ehrenamt/ff-admin-server
2
0
Fork 0
Code Issues 17 Pull requests Projects Releases 36 Packages Wiki Activity Actions

Merge pull request 'feature/#22-API-Tokens' (#49) from feature/#22-API-Tokens into develop

Browse source 
Reviewed-on: #49
This commit is contained in:
Julian Krauser 2025-01-22 10:59:46 +00:00
commit bbfdc69049
28 changed files with 886 additions and 9 deletions
Download patch file Download diff file Expand all files Collapse all files

155
src/controller/admin/user/webapiController.ts Normal file
View file

@ -0,0 +1,155 @@
import { Request, Response } from "express";
import WebapiService from "../../../service/user/webapiService";
import ApiFactory from "../../../factory/admin/user/webapi";
import WebapiPermissionService from "../../../service/user/webapiPermissionService";
import PermissionHelper from "../../../helpers/permissionHelper";
import {
CreateWebapiCommand,
DeleteWebapiCommand,
UpdateWebapiCommand,
} from "../../../command/user/webapi/webapiCommand";
import WebapiCommandHandler from "../../../command/user/webapi/webapiCommandHandler";
import { UpdateWebapiPermissionsCommand } from "../../../command/user/webapi/webapiPermissionCommand";
import WebapiPermissionCommandHandler from "../../../command/user/webapi/webapiPermissionCommandHandler";
import { JWTHelper } from "../../../helpers/jwtHelper";
import { CLUB_NAME } from "../../../env.defaults";
import { StringHelper } from "../../../helpers/stringHelper";
/**
* @description get All apis
* @param req {Request} Express req object
* @param res {Response} Express res object
* @returns {Promise<*>}
*/
export async function getAllWebapis(req: Request, res: Response): Promise<any> {
let apis = await WebapiService.getAll();
res.json(ApiFactory.mapToBase(apis));
}
/**
* @description get api by id
* @param req {Request} Express req object
* @param res {Response} Express res object
* @returns {Promise<*>}
*/
export async function getWebapiById(req: Request, res: Response): Promise<any> {
const id = parseInt(req.params.id);
let api = await WebapiService.getById(id);
res.json(ApiFactory.mapToSingle(api));
}
/**
* @description get api token by id
* @param req {Request} Express req object
* @param res {Response} Express res object
* @returns {Promise<*>}
*/
export async function getWebapiTokenById(req: Request, res: Response): Promise<any> {
const id = parseInt(req.params.id);
let { token } = await WebapiService.getTokenById(id);
res.send(token);
}
/**
* @description get permissions by api
* @param req {Request} Express req object
* @param res {Response} Express res object
* @returns {Promise<*>}
*/
export async function getWebapiPermissions(req: Request, res: Response): Promise<any> {
const id = parseInt(req.params.id);
let permissions = await WebapiPermissionService.getByApi(id);
res.json(PermissionHelper.convertToObject(permissions.map((p) => p.permission)));
}
/**
* @description create new api
* @param req {Request} Express req object
* @param res {Response} Express res object
* @returns {Promise<*>}
*/
export async function createWebapi(req: Request, res: Response): Promise<any> {
let title = req.body.title;
let expiry = req.body.expiry || null;
let token = await JWTHelper.create(
{
iss: CLUB_NAME,
sub: "api_token_retrieve",
aud: StringHelper.random(32),
},
{ useExpiration: false }
);
let createApi: CreateWebapiCommand = {
token: token,
title: title,
expiry: expiry,
};
await WebapiCommandHandler.create(createApi);
res.sendStatus(204);
}
/**
* @description update api data
* @param req {Request} Express req object
* @param res {Response} Express res object
* @returns {Promise<*>}
*/
export async function updateWebapi(req: Request, res: Response): Promise<any> {
const id = parseInt(req.params.id);
let title = req.body.title;
let expiry = req.body.expiry || null;
let updateApi: UpdateWebapiCommand = {
id: id,
title: title,
expiry: expiry,
};
await WebapiCommandHandler.update(updateApi);
res.sendStatus(204);
}
/**
* @description update api assigned permission strings
* @param req {Request} Express req object
* @param res {Response} Express res object
* @returns {Promise<*>}
*/
export async function updateWebapiPermissions(req: Request, res: Response): Promise<any> {
const id = parseInt(req.params.id);
let permissions = req.body.permissions;
let permissionStrings = PermissionHelper.convertToStringArray(permissions);
let updateApiPermissions: UpdateWebapiPermissionsCommand = {
webapiId: id,
permissions: permissionStrings,
};
await WebapiPermissionCommandHandler.updatePermissions(updateApiPermissions);
res.sendStatus(204);
}
/**
* @description delete api by id
* @param req {Request} Express req object
* @param res {Response} Express res object
* @returns {Promise<*>}
*/
export async function deleteWebapi(req: Request, res: Response): Promise<any> {
const id = parseInt(req.params.id);
let deleteApi: DeleteWebapiCommand = {
id: id,
};
await WebapiCommandHandler.delete(deleteApi);
res.sendStatus(204);
}

37
src/controller/webapiController.ts Normal file
View file

@ -0,0 +1,37 @@
import { Request, Response } from "express";
import { JWTHelper } from "../helpers/jwtHelper";
import { JWTToken } from "../type/jwtTypes";
import InternalException from "../exceptions/internalException";
import RefreshCommandHandler from "../command/refreshCommandHandler";
import { CreateRefreshCommand, DeleteRefreshCommand } from "../command/refreshCommand";
import UserService from "../service/user/userService";
import speakeasy from "speakeasy";
import UnauthorizedRequestException from "../exceptions/unauthorizedRequestException";
import RefreshService from "../service/refreshService";
import WebapiService from "../service/user/webapiService";
import ForbiddenRequestException from "../exceptions/forbiddenRequestException";
import WebapiCommandHandler from "../command/user/webapi/webapiCommandHandler";
/**
* @description Check authentication status by token
* @param req {Request} Express req object
* @param res {Response} Express res object
* @returns {Promise<*>}
*/
export async function getWebApiAccess(req: Request, res: Response): Promise<any> {
const bearer = req.headers.authorization?.split(" ")?.[1] ?? undefined;
let { id, expiry } = await WebapiService.getByToken(bearer);
if (expiry != null && new Date() > new Date(expiry)) {
throw new ForbiddenRequestException("api token expired");
}
await WebapiCommandHandler.updateUsage({ id });
let accessToken = await JWTHelper.buildWebapiToken(bearer, expiry);
res.json({
accessToken,
});
}