diff options
| author | syuilo <Syuilotan@yahoo.co.jp> | 2018-03-29 14:51:06 +0900 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2018-03-29 14:51:06 +0900 |
| commit | 0b5597c873d2d9d45be94a18e1b74f44d9925185 (patch) | |
| tree | 8b4dac3a56cf703650c8207f9279028a8560a96b /src/server/api/endpoints/auth/accept.ts | |
| parent | oops (diff) | |
| parent | Resolve conflicts (diff) | |
| download | misskey-0b5597c873d2d9d45be94a18e1b74f44d9925185.tar.gz misskey-0b5597c873d2d9d45be94a18e1b74f44d9925185.tar.bz2 misskey-0b5597c873d2d9d45be94a18e1b74f44d9925185.zip | |
Merge pull request #1332 from syuilo/pr/1327
Pr/1327
Diffstat (limited to 'src/server/api/endpoints/auth/accept.ts')
| -rw-r--r-- | src/server/api/endpoints/auth/accept.ts | 93 |
1 files changed, 93 insertions, 0 deletions
diff --git a/src/server/api/endpoints/auth/accept.ts b/src/server/api/endpoints/auth/accept.ts new file mode 100644 index 0000000000..5a1925144d --- /dev/null +++ b/src/server/api/endpoints/auth/accept.ts @@ -0,0 +1,93 @@ +/** + * Module dependencies + */ +import rndstr from 'rndstr'; +const crypto = require('crypto'); +import $ from 'cafy'; +import App from '../../models/app'; +import AuthSess from '../../models/auth-session'; +import AccessToken from '../../models/access-token'; + +/** + * @swagger + * /auth/accept: + * post: + * summary: Accept a session + * parameters: + * - $ref: "#/parameters/NativeToken" + * - + * name: token + * description: Session Token + * in: formData + * required: true + * type: string + * responses: + * 204: + * description: OK + * + * default: + * description: Failed + * schema: + * $ref: "#/definitions/Error" + */ + +/** + * Accept + * + * @param {any} params + * @param {any} user + * @return {Promise<any>} + */ +module.exports = (params, user) => new Promise(async (res, rej) => { + // Get 'token' parameter + const [token, tokenErr] = $(params.token).string().$; + if (tokenErr) return rej('invalid token param'); + + // Fetch token + const session = await AuthSess + .findOne({ token: token }); + + if (session === null) { + return rej('session not found'); + } + + // Generate access token + const accessToken = rndstr('a-zA-Z0-9', 32); + + // Fetch exist access token + const exist = await AccessToken.findOne({ + appId: session.appId, + userId: user._id, + }); + + if (exist === null) { + // Lookup app + const app = await App.findOne({ + _id: session.appId + }); + + // Generate Hash + const sha256 = crypto.createHash('sha256'); + sha256.update(accessToken + app.secret); + const hash = sha256.digest('hex'); + + // Insert access token doc + await AccessToken.insert({ + createdAt: new Date(), + appId: session.appId, + userId: user._id, + token: accessToken, + hash: hash + }); + } + + // Update session + await AuthSess.update(session._id, { + $set: { + userId: user._id + } + }); + + // Response + res(); +}); |