[github/Chocobozzz/PeerTube.git] / server / controllers / api / users / token.ts

import { handleLogin, handleTokenRevocation } from '@server/lib/auth'
import * as RateLimit from 'express-rate-limit'
import { CONFIG } from '@server/initializers/config'
import * as express from 'express'
import { Hooks } from '@server/lib/plugins/hooks'
import { asyncMiddleware, authenticate } from '@server/middlewares'
import { ScopedToken } from '@shared/models/users/user-scoped-token'
import { v4 as uuidv4 } from 'uuid'

const tokensRouter = express.Router()

const loginRateLimiter = RateLimit({
  windowMs: CONFIG.RATES_LIMIT.LOGIN.WINDOW_MS,
  max: CONFIG.RATES_LIMIT.LOGIN.MAX
})

tokensRouter.post('/token',
  loginRateLimiter,
  handleLogin,
  tokenSuccess
)

tokensRouter.post('/revoke-token',
  authenticate,
  asyncMiddleware(handleTokenRevocation)
)

tokensRouter.get('/scoped-tokens',
  authenticate,
  getScopedTokens
)

tokensRouter.post('/scoped-tokens',
  authenticate,
  asyncMiddleware(renewScopedTokens)
)

// ---------------------------------------------------------------------------

export {
  tokensRouter
}
// ---------------------------------------------------------------------------

function tokenSuccess (req: express.Request) {
  const username = req.body.username

  Hooks.runAction('action:api.user.oauth2-got-token', { username, ip: req.ip })
}

function getScopedTokens (req: express.Request, res: express.Response) {
  const user = res.locals.oauth.token.user

  return res.json({
    feedToken: user.feedToken
  } as ScopedToken)
}

async function renewScopedTokens (req: express.Request, res: express.Response) {
  const user = res.locals.oauth.token.user

  user.feedToken = uuidv4()
  await user.save()

  return res.json({
    feedToken: user.feedToken
  } as ScopedToken)
}
Commit	Line	Data
9107d791	1	import { handleLogin, handleTokenRevocation } from '@server/lib/auth'
e1c55031 C	2	import * as RateLimit from 'express-rate-limit'
	3	import { CONFIG } from '@server/initializers/config'
	4	import * as express from 'express'
	5	import { Hooks } from '@server/lib/plugins/hooks'
	6	import { asyncMiddleware, authenticate } from '@server/middlewares'
afff310e RK	7	import { ScopedToken } from '@shared/models/users/user-scoped-token'
afff310e RK	8	import { v4 as uuidv4 } from 'uuid'
e1c55031 C	9
	10	const tokensRouter = express.Router()
	11
	12	const loginRateLimiter = RateLimit({
	13	windowMs: CONFIG.RATES_LIMIT.LOGIN.WINDOW_MS,
	14	max: CONFIG.RATES_LIMIT.LOGIN.MAX
	15	})
	16
	17	tokensRouter.post('/token',
	18	loginRateLimiter,
9107d791	19	handleLogin,
e1c55031 C	20	tokenSuccess
	21	)
	22
	23	tokensRouter.post('/revoke-token',
	24	authenticate,
e307e4fc	25	asyncMiddleware(handleTokenRevocation)
e1c55031 C	26	)
e1c55031 C	27
afff310e RK	28	tokensRouter.get('/scoped-tokens',
	29	authenticate,
	30	getScopedTokens
	31	)
	32
	33	tokensRouter.post('/scoped-tokens',
	34	authenticate,
	35	asyncMiddleware(renewScopedTokens)
	36	)
	37
e1c55031 C	38	// ---------------------------------------------------------------------------
	39
	40	export {
	41	tokensRouter
	42	}
	43	// ---------------------------------------------------------------------------
	44
	45	function tokenSuccess (req: express.Request) {
	46	const username = req.body.username
	47
	48	Hooks.runAction('action:api.user.oauth2-got-token', { username, ip: req.ip })
	49	}
afff310e RK	50
	51	function getScopedTokens (req: express.Request, res: express.Response) {
	52	const user = res.locals.oauth.token.user
	53
	54	return res.json({
	55	feedToken: user.feedToken
	56	} as ScopedToken)
	57	}
	58
	59	async function renewScopedTokens (req: express.Request, res: express.Response) {
	60	const user = res.locals.oauth.token.user
	61
	62	user.feedToken = uuidv4()
	63	await user.save()
	64
	65	return res.json({
	66	feedToken: user.feedToken
	67	} as ScopedToken)
	68	}