summaryrefslogtreecommitdiff
path: root/src/server/api/authenticate.ts
diff options
context:
space:
mode:
Diffstat (limited to 'src/server/api/authenticate.ts')
-rw-r--r--src/server/api/authenticate.ts24
1 files changed, 20 insertions, 4 deletions
diff --git a/src/server/api/authenticate.ts b/src/server/api/authenticate.ts
index 519ed77388..32ad3b4019 100644
--- a/src/server/api/authenticate.ts
+++ b/src/server/api/authenticate.ts
@@ -1,7 +1,11 @@
import isNativeToken from './common/is-native-token';
import { User } from '../../models/entities/user';
-import { App } from '../../models/entities/app';
import { Users, AccessTokens, Apps } from '../../models';
+import { ensure } from '../../prelude/ensure';
+
+type App = {
+ permission: string[];
+};
export default async (token: string): Promise<[User | null | undefined, App | null | undefined]> => {
if (token == null) {
@@ -27,14 +31,26 @@ export default async (token: string): Promise<[User | null | undefined, App | nu
throw new Error('invalid signature');
}
- const app = await Apps
- .findOne(accessToken.appId);
+ AccessTokens.update(accessToken.id, {
+ lastUsedAt: new Date(),
+ });
const user = await Users
.findOne({
id: accessToken.userId // findOne(accessToken.userId) のように書かないのは後方互換性のため
});
- return [user, app];
+ if (accessToken.appId) {
+ const app = await Apps
+ .findOne(accessToken.appId).then(ensure);
+
+ return [user, {
+ permission: app.permission
+ }];
+ } else {
+ return [user, {
+ permission: accessToken.permission
+ }];
+ }
}
};
generated by cgit v1.2.3-freya (git 2.53.0.84.g453e7b744a) at 2026-03-04 14:08:08 +0000