mirror of
https://github.com/mollersuite/monofile.git
synced 2024-11-28 16:36:27 -08:00
mirror /api/v1/session to /api/v1/account/me/access/:jti
This commit is contained in:
parent
ebcdd0c603
commit
04a34665f9
|
@ -6,7 +6,7 @@ import { z } from "zod"
|
|||
import { AuthSchemas } from "./schemas/index.js"
|
||||
import DbFile from "./dbfile.js"
|
||||
import * as jose from "jose"
|
||||
import { AccountResolvable } from "./accounts.js"
|
||||
import { AccountResolvable, resolve as resolveAccount } from "./accounts.js"
|
||||
import config from "./config.js"
|
||||
export let AuthTokenTO: { [key: string]: NodeJS.Timeout } = {}
|
||||
|
||||
|
@ -30,7 +30,7 @@ export function create(
|
|||
scopes?: Scope[]
|
||||
) {
|
||||
let token = AuthSchemas.AuthToken.parse({
|
||||
account,
|
||||
account: resolveAccount(account)?.id,
|
||||
id: crypto.randomUUID(),
|
||||
expire: typeof expire == "number" ? Date.now() + expire : null,
|
||||
type,
|
||||
|
|
|
@ -81,9 +81,8 @@ export const accountMgmtRoute: RequestHandler = async (ctx,next) => {
|
|||
* @description Middleware which blocks requests which do not have ctx.get("account") set
|
||||
*/
|
||||
export const requiresAccount: RequestHandler = function (ctx, next) {
|
||||
if (!ctx.get("account")) {
|
||||
if (!ctx.get("account"))
|
||||
return ServeError(ctx, 401, "not logged in")
|
||||
}
|
||||
return next()
|
||||
}
|
||||
|
||||
|
@ -213,10 +212,7 @@ export const verifyPoi = (user: string, poi?: string, wantsMfaPoi: boolean = fal
|
|||
export const mirror = (apiRoot: Hono, ctx: Context, url: string, init: Partial<RequestInit>) => apiRoot.fetch(
|
||||
new Request(
|
||||
(new URL(url, ctx.req.raw.url)).href,
|
||||
{
|
||||
...ctx.req.raw,
|
||||
...init
|
||||
}
|
||||
Object.assign(ctx.req.raw,init)
|
||||
),
|
||||
ctx.env
|
||||
)
|
|
@ -45,12 +45,15 @@ function getTargetToken(ctx: Context<HonoEnv, "/:token", BlankInput>) {
|
|||
)
|
||||
}
|
||||
|
||||
router.use(getAccount, requiresAccount, noAPIAccess)
|
||||
router.all("/", getTarget) // idk if this is redundant but just in case
|
||||
router.all("/:token", (ctx,next) => {
|
||||
router.use(getAccount, requiresAccount, getTarget)
|
||||
router.use("/", noAPIAccess) // idk if this is redundant but just in case
|
||||
router.use("/:token", async (ctx,next) => {
|
||||
let tok = getTargetToken(ctx)
|
||||
let actingTok = auth.resolve((await auth.tokenFor(ctx))!)!
|
||||
if (!tok)
|
||||
return ServeError(ctx, 404, "token not found")
|
||||
if (auth.getType(actingTok) != "User" && tok != actingTok)
|
||||
return ServeError(ctx, 403, "cannot manage this token")
|
||||
ctx.set("targetToken", tok)
|
||||
return next()
|
||||
})
|
||||
|
@ -91,7 +94,7 @@ export default function (files: Files) {
|
|||
|
||||
router.delete("/:token", async (ctx) => {
|
||||
auth.invalidate(ctx.get("targetToken"))
|
||||
return ctx.text(`deleted token ${ctx.req.param("token")}`)
|
||||
return ctx.text(`deleted token ${ctx.get("targetToken").id}`)
|
||||
})
|
||||
|
||||
const CreateTokenScheme =
|
||||
|
|
|
@ -59,14 +59,12 @@ export default function (files: Files, apiRoot: Hono) {
|
|||
return ctx.text("logged in")
|
||||
})
|
||||
|
||||
router.get("/", requiresAccount, async ctx => {
|
||||
return ctx.json(auth.resolve((await auth.tokenFor(ctx))!)!)
|
||||
})
|
||||
|
||||
router.delete("/", requiresAccount, async ctx => {
|
||||
auth.invalidate((await auth.tokenFor(ctx))!)
|
||||
return ctx.text("logged out")
|
||||
})
|
||||
|
||||
router.on(
|
||||
["GET","DELETE"],
|
||||
"/",
|
||||
requiresAccount,
|
||||
async ctx =>
|
||||
mirror(apiRoot, ctx, `/api/v1/account/me/access/${await auth.tokenFor(ctx)!}`, {})
|
||||
)
|
||||
return router
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue