mirror /api/v1/session to /api/v1/account/me/access/:jti

2024-11-25 07:06:25 -08:00 · 2024-05-25 22:14:00 -07:00 · 2024-05-25 22:14:00 -07:00 · 04a34665f9
parent ebcdd0c603
commit 04a34665f9
4 changed files with 18 additions and 21 deletions
--- a/src/server/lib/auth.ts
+++ b/src/server/lib/auth.ts
@ -6,7 +6,7 @@ import { z } from "zod"
 import { AuthSchemas } from "./schemas/index.js"
 import DbFile from "./dbfile.js"
 import * as jose from "jose"
-import { AccountResolvable } from "./accounts.js"
+import { AccountResolvable, resolve as resolveAccount } from "./accounts.js"
 import config from "./config.js"
 export let AuthTokenTO: { [key: string]: NodeJS.Timeout } = {}
@ -30,7 +30,7 @@ export function create(
    scopes?: Scope[]
 ) {
    let token = AuthSchemas.AuthToken.parse({
-        account,
+        account: resolveAccount(account)?.id,
        id: crypto.randomUUID(),
        expire: typeof expire == "number" ? Date.now() + expire : null,
        type,
--- a/src/server/lib/middleware.ts
+++ b/src/server/lib/middleware.ts
@ -81,9 +81,8 @@ export const accountMgmtRoute: RequestHandler = async (ctx,next) => {
 * @description Middleware which blocks requests which do not have ctx.get("account") set
 */
 export const requiresAccount: RequestHandler = function (ctx, next) {
-    if (!ctx.get("account")) {
+    if (!ctx.get("account"))
        return ServeError(ctx, 401, "not logged in")
    }
    return next()
 }
@ -213,10 +212,7 @@ export const verifyPoi = (user: string, poi?: string, wantsMfaPoi: boolean = fal
 export const mirror = (apiRoot: Hono, ctx: Context, url: string, init: Partial<RequestInit>) => apiRoot.fetch(
    new Request(
        (new URL(url, ctx.req.raw.url)).href, 
-            {
+            Object.assign(ctx.req.raw,init)
                ...ctx.req.raw,
                ...init
            }
    ), 
    ctx.env
 )
--- a/src/server/routes/api/v1/account/access.ts
+++ b/src/server/routes/api/v1/account/access.ts
@ -45,12 +45,15 @@ function getTargetToken(ctx: Context<HonoEnv, "/:token", BlankInput>) {
    )
 }
-router.use(getAccount, requiresAccount, noAPIAccess)
+router.use(getAccount, requiresAccount, getTarget)
-router.all("/", getTarget) // idk if this is redundant but just in case
+router.use("/", noAPIAccess) // idk if this is redundant but just in case
-router.all("/:token", (ctx,next) => {
+router.use("/:token", async (ctx,next) => {
    let tok = getTargetToken(ctx)
    let actingTok = auth.resolve((await auth.tokenFor(ctx))!)!
    if (!tok)
        return ServeError(ctx, 404, "token not found")
    if (auth.getType(actingTok) != "User" && tok != actingTok)
        return ServeError(ctx, 403, "cannot manage this token")
    ctx.set("targetToken", tok)
    return next()
 })
@ -91,7 +94,7 @@ export default function (files: Files) {
    router.delete("/:token", async (ctx) => {
        auth.invalidate(ctx.get("targetToken"))
-        return ctx.text(`deleted token ${ctx.req.param("token")}`)
+        return ctx.text(`deleted token ${ctx.get("targetToken").id}`)
    })
    const CreateTokenScheme = 
--- a/src/server/routes/api/v1/session.ts
+++ b/src/server/routes/api/v1/session.ts
@ -59,14 +59,12 @@ export default function (files: Files, apiRoot: Hono) {
        return ctx.text("logged in")
    })
-    router.get("/", requiresAccount, async ctx => {
+    router.on(
-        return ctx.json(auth.resolve((await auth.tokenFor(ctx))!)!)
+        ["GET","DELETE"],
-    })
+        "/",
-
+        requiresAccount,
-    router.delete("/", requiresAccount, async ctx => {
+        async ctx =>
-        auth.invalidate((await auth.tokenFor(ctx))!)
+            mirror(apiRoot, ctx, `/api/v1/account/me/access/${await auth.tokenFor(ctx)!}`, {})
-        return ctx.text("logged out")
+    )
    })
    return router
 }