Merge branch 'develop'

1 files changed, 17 insertions, 5 deletions

diff --git a/src/server/api/authenticate.ts b/src/server/api/authenticate.ts
index 519ed77388..c3e277e8de 100644
--- a/src/server/api/authenticate.ts
+++ b/src/server/api/authenticate.ts
@@ -1,9 +1,10 @@
 import isNativeToken from './common/is-native-token';
 import { User } from '../../models/entities/user';
-import { App } from '../../models/entities/app';
 import { Users, AccessTokens, Apps } from '../../models';
+import { ensure } from '../../prelude/ensure';
+import { AccessToken } from '../../models/entities/access-token';
 
-export default async (token: string): Promise<[User | null | undefined, App | null | undefined]> => {
+export default async (token: string): Promise<[User | null | undefined, AccessToken | null | undefined]> => {
 	if (token == null) {
 		return [null, null];
 	}
@@ -27,14 +28,25 @@ export default async (token: string): Promise<[User | null | undefined, App | nu
 			throw new Error('invalid signature');
 		}
 
-		const app = await Apps
-			.findOne(accessToken.appId);
+		AccessTokens.update(accessToken.id, {
+			lastUsedAt: new Date(),
+		});
 
 		const user = await Users
 			.findOne({
 				id: accessToken.userId // findOne(accessToken.userId) のように書かないのは後方互換性のため
 			});
 
-		return [user, app];
+		if (accessToken.appId) {
+			const app = await Apps
+				.findOne(accessToken.appId).then(ensure);
+
+			return [user, {
+				id: accessToken.id,
+				permission: app.permission
+			} as AccessToken];
+		} else {
+			return [user, accessToken];
+		}
 	}
 };