Introduce processor

author: Akihiko Odaki <nekomanma@pixiv.co.jp> 2018-03-29 01:20:40 +0900
committer: Akihiko Odaki <nekomanma@pixiv.co.jp> 2018-03-29 01:54:41 +0900
commit: 90f8fe7e538bb7e52d2558152a0390e693f39b11 (patch)
tree: 0f830887053c8f352b1cd0c13ca715fd14c1f030 /src/server/api/endpoints/auth/accept.ts
parent: Implement remote account resolution (diff)
download: sharkey-90f8fe7e538bb7e52d2558152a0390e693f39b11.tar.gz
sharkey-90f8fe7e538bb7e52d2558152a0390e693f39b11.tar.bz2
sharkey-90f8fe7e538bb7e52d2558152a0390e693f39b11.zip
1 files changed, 93 insertions, 0 deletions
diff --git a/src/server/api/endpoints/auth/accept.ts b/src/server/api/endpoints/auth/accept.ts
new file mode 100644
index 0000000000..4ee20a6d25
--- /dev/null
+++ b/src/server/api/endpoints/auth/accept.ts
@@ -0,0 +1,93 @@
+/**
+ * Module dependencies
+ */
+import rndstr from 'rndstr';
+const crypto = require('crypto');
+import $ from 'cafy';
+import App from '../../models/app';
+import AuthSess from '../../models/auth-session';
+import AccessToken from '../../models/access-token';
+
+/**
+ * @swagger
+ * /auth/accept:
+ *   post:
+ *     summary: Accept a session
+ *     parameters:
+ *       - $ref: "#/parameters/NativeToken"
+ *       -
+ *         name: token
+ *         description: Session Token
+ *         in: formData
+ *         required: true
+ *         type: string
+ *     responses:
+ *       204:
+ *         description: OK
+ *
+ *       default:
+ *         description: Failed
+ *         schema:
+ *           $ref: "#/definitions/Error"
+ */
+
+/**
+ * Accept
+ *
+ * @param {any} params
+ * @param {any} user
+ * @return {Promise<any>}
+ */
+module.exports = (params, user) => new Promise(async (res, rej) => {
+	// Get 'token' parameter
+	const [token, tokenErr] = $(params.token).string().$;
+	if (tokenErr) return rej('invalid token param');
+
+	// Fetch token
+	const session = await AuthSess
+		.findOne({ token: token });
+
+	if (session === null) {
+		return rej('session not found');
+	}
+
+	// Generate access token
+	const accessToken = rndstr('a-zA-Z0-9', 32);
+
+	// Fetch exist access token
+	const exist = await AccessToken.findOne({
+		app_id: session.app_id,
+		user_id: user._id,
+	});
+
+	if (exist === null) {
+		// Lookup app
+		const app = await App.findOne({
+			_id: session.app_id
+		});
+
+		// Generate Hash
+		const sha256 = crypto.createHash('sha256');
+		sha256.update(accessToken + app.secret);
+		const hash = sha256.digest('hex');
+
+		// Insert access token doc
+		await AccessToken.insert({
+			created_at: new Date(),
+			app_id: session.app_id,
+			user_id: user._id,
+			token: accessToken,
+			hash: hash
+		});
+	}
+
+	// Update session
+	await AuthSess.update(session._id, {
+		$set: {
+			user_id: user._id
+		}
+	});
+
+	// Response
+	res();
+});
author	Akihiko Odaki <nekomanma@pixiv.co.jp>	2018-03-29 01:20:40 +0900
committer	Akihiko Odaki <nekomanma@pixiv.co.jp>	2018-03-29 01:54:41 +0900
commit	90f8fe7e538bb7e52d2558152a0390e693f39b11 (patch)
tree	0f830887053c8f352b1cd0c13ca715fd14c1f030 /src/server/api/endpoints/auth/accept.ts
parent	Implement remote account resolution (diff)
download	sharkey-90f8fe7e538bb7e52d2558152a0390e693f39b11.tar.gz sharkey-90f8fe7e538bb7e52d2558152a0390e693f39b11.tar.bz2 sharkey-90f8fe7e538bb7e52d2558152a0390e693f39b11.zip