Diffstat (limited to 'src/server/api/endpoints/auth')
| -rw-r--r-- | src/server/api/endpoints/auth/accept.ts | 35 | ||||
| -rw-r--r-- | src/server/api/endpoints/auth/session/generate.ts | 11 | ||||
| -rw-r--r-- | src/server/api/endpoints/auth/session/show.ts | 6 | ||||
| -rw-r--r-- | src/server/api/endpoints/auth/session/userkey.ts | 37 |
4 files changed, 37 insertions, 52 deletions
diff --git a/src/server/api/endpoints/auth/accept.ts b/src/server/api/endpoints/auth/accept.ts index cedf7821fe..a584e7267b 100644 --- a/src/server/api/endpoints/auth/accept.ts +++ b/src/server/api/endpoints/auth/accept.ts @@ -1,11 +1,11 @@ import rndstr from 'rndstr'; import * as crypto from 'crypto'; import $ from 'cafy'; -import App from '../../../../models/app'; -import AuthSess from '../../../../models/auth-session'; -import AccessToken from '../../../../models/access-token'; import define from '../../define'; import { ApiError } from '../../error'; +import { AuthSessions, AccessTokens, Apps } from '../../../../models'; +import { genId } from '../../../../misc/gen-id'; +import { ensure } from '../../../../prelude/ensure'; export const meta = { tags: ['auth'], @@ -31,27 +31,25 @@ export const meta = { export default define(meta, async (ps, user) => { // Fetch token - const session = await AuthSess + const session = await AuthSessions .findOne({ token: ps.token }); - if (session === null) { + if (session == null) { throw new ApiError(meta.errors.noSuchSession); } // Generate access token - const accessToken = rndstr('a-zA-Z0-9', 32); + const accessToken = '1' + rndstr('a-zA-Z0-9', 15); // Fetch exist access token - const exist = await AccessToken.findOne({ + const exist = await AccessTokens.findOne({ appId: session.appId, - userId: user._id, + userId: user.id, }); - if (exist === null) { + if (exist == null) { // Lookup app - const app = await App.findOne({ - _id: session.appId - }); + const app = await Apps.findOne(session.appId).then(ensure); // Generate Hash const sha256 = crypto.createHash('sha256'); 
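Review bot: In the second accept.ts hunk the generated access token shrinks from 32 random characters to a fixed `'1'` plus 15, which cuts the unguessable part from roughly 190 bits to roughly 89 bits over the same 62-character alphabet, and nothing in the hunk says what the prefix denotes or why the length changed. If the shorter length is not forced by the new schema, keep the old amount of randomness, e.g. `const accessToken = '1' + rndstr('a-zA-Z0-9', 31);`, and add a one-line comment stating what the `'1'` prefix means. Whether `rndstr` draws from a CSPRNG is not visible here; since this value is a bearer credential and `crypto` is already imported, that is worth confirming. The handler body continues past the end of the hunk.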
@@ -59,21 +57,18 @@ export default define(meta, async (ps, user) => { const hash = sha256.digest('hex'); // Insert access token doc - await AccessToken.insert({ + await AccessTokens.save({ + id: genId(), createdAt: new Date(), appId: session.appId, - userId: user._id, + userId: user.id, token: accessToken, hash: hash }); } // Update session - await AuthSess.update(session._id, { - $set: { - userId: user._id - } + await AuthSessions.update(session.id, { + userId: user.id }); - - return; }); diff --git a/src/server/api/endpoints/auth/session/generate.ts b/src/server/api/endpoints/auth/session/generate.ts index e12bea7681..5a9bfe6451 100644 --- a/src/server/api/endpoints/auth/session/generate.ts +++ b/src/server/api/endpoints/auth/session/generate.ts @@ -1,10 +1,10 @@ import * as uuid from 'uuid'; import $ from 'cafy'; -import App from '../../../../../models/app'; -import AuthSess from '../../../../../models/auth-session'; import config from '../../../../../config'; import define from '../../../define'; import { ApiError } from '../../../error'; +import { Apps, AuthSessions } from '../../../../../models'; +import { genId } from '../../../../../misc/gen-id'; export const meta = { tags: ['auth'], @@ -46,7 +46,7 @@ export const meta = { export default define(meta, async (ps) => { // Lookup app - const app = await App.findOne({ + const app = await Apps.findOne({ secret: ps.appSecret }); @@ -58,9 +58,10 @@ export default define(meta, async (ps) => { const token = uuid.v4(); // Create session token document - const doc = await AuthSess.insert({ + const doc = await AuthSessions.save({ + id: genId(), createdAt: new Date(), - appId: app._id, + appId: app.id, token: token }); diff --git a/src/server/api/endpoints/auth/session/show.ts b/src/server/api/endpoints/auth/session/show.ts index 992e0a499e..e6ecd8b839 100644 --- a/src/server/api/endpoints/auth/session/show.ts +++ b/src/server/api/endpoints/auth/session/show.ts 
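Review bot: The not-found guard that follows `Apps.findOne({ secret: ps.appSecret })` in generate.ts sits between the second and third hunks and is not touched by this commit, whereas accept.ts and userkey.ts both change `=== null` to `== null` for the same kind of lookup. That suggests the new `findOne` can resolve to `undefined`; if the untouched guard still reads `if (app === null) {`, an unknown app secret would skip the declared API error and fail later on `app.id` instead. The same question applies to the unchanged session guard in show.ts and the unchanged app guard in userkey.ts; each should read `if (app == null) {` or `if (session == null) {`. The guards themselves are outside the visible hunks, so this needs checking against the full files.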
@@ -1,7 +1,7 @@ import $ from 'cafy'; -import AuthSess, { pack } from '../../../../../models/auth-session'; import define from '../../../define'; import { ApiError } from '../../../error'; +import { AuthSessions } from '../../../../../models'; export const meta = { tags: ['auth'], @@ -29,7 +29,7 @@ export const meta = { export default define(meta, async (ps, user) => { // Lookup session - const session = await AuthSess.findOne({ + const session = await AuthSessions.findOne({ token: ps.token }); @@ -37,5 +37,5 @@ export default define(meta, async (ps, user) => { throw new ApiError(meta.errors.noSuchSession); } - return await pack(session, user); + return await AuthSessions.pack(session, user); }); diff --git a/src/server/api/endpoints/auth/session/userkey.ts b/src/server/api/endpoints/auth/session/userkey.ts index e09e16e658..7126ac52c1 100644 --- a/src/server/api/endpoints/auth/session/userkey.ts +++ b/src/server/api/endpoints/auth/session/userkey.ts @@ -1,10 +1,8 @@ import $ from 'cafy'; -import App from '../../../../../models/app'; -import AuthSess from '../../../../../models/auth-session'; -import AccessToken from '../../../../../models/access-token'; -import { pack } from '../../../../../models/user'; import define from '../../../define'; import { ApiError } from '../../../error'; +import { Apps, AuthSessions, AccessTokens, Users } from '../../../../../models'; +import { ensure } from '../../../../../prelude/ensure'; export const meta = { tags: ['auth'], @@ -67,7 +65,7 @@ export const meta = { export default define(meta, async (ps) => { // Lookup app - const app = await App.findOne({ + const app = await Apps.findOne({ secret: ps.appSecret }); 
@@ -76,13 +74,12 @@ export default define(meta, async (ps) => { } // Fetch token - const session = await AuthSess - .findOne({ - token: ps.token, - appId: app._id - }); + const session = await AuthSessions.findOne({ + token: ps.token, + appId: app.id + }); - if (session === null) { + if (session == null) { throw new ApiError(meta.errors.noSuchSession); } @@ -91,25 +88,17 @@ export default define(meta, async (ps) => { } // Lookup access token - const accessToken = await AccessToken.findOne({ - appId: app._id, + const accessToken = await AccessTokens.findOne({ + appId: app.id, userId: session.userId - }); + }).then(ensure); // Delete session - - /* https://github.com/Automattic/monk/issues/178 - AuthSess.deleteOne({ - _id: session._id - }); - */ - AuthSess.remove({ - _id: session._id - }); + AuthSessions.delete(session.id); return { accessToken: accessToken.token, - user: await pack(session.userId, null, { + user: await Users.pack(session.userId, null, { detail: true }) }; |
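Review bot: `AuthSessions.delete(session.id);` in the last userkey.ts hunk is not awaited, so the handler returns the access token without knowing whether the one-time session was actually removed. If the delete rejects, the session token stays redeemable and the rejection goes unhandled; `await AuthSessions.delete(session.id);` before the `return` closes both gaps. The session lookup and the delete are also separate statements, so two concurrent requests carrying the same token could presumably both succeed; if that is accepted, a short comment saying so would help the next reader.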