Commit | Line | Data |
---|---|---|
e1c55031 C |
1 | import { handleIdAndPassLogin, handleTokenRevocation } from '@server/lib/auth' |
2 | import * as RateLimit from 'express-rate-limit' | |
3 | import { CONFIG } from '@server/initializers/config' | |
4 | import * as express from 'express' | |
5 | import { Hooks } from '@server/lib/plugins/hooks' | |
6 | import { asyncMiddleware, authenticate } from '@server/middlewares' | |
7 | ||
// Router exposing the two token endpoints of this file:
// POST /token (login) and POST /revoke-token (logout).
const tokensRouter = express.Router()

// Throttle for login attempts; window and ceiling come from instance config.
// No keyGenerator is passed, so express-rate-limit buckets requests by req.ip.
// NOTE(review): behind a reverse proxy that is only a per-client limit when
// Express 'trust proxy' is set correctly — confirm where the app is created.
const loginLimits = CONFIG.RATES_LIMIT.LOGIN
const loginRateLimiter = RateLimit({
  windowMs: loginLimits.WINDOW_MS,
  max: loginLimits.MAX
})

// Login. The limiter is first in the chain, so a request over the limit is
// answered by it and never reaches the login handler.
// NOTE(review): tokenSuccess only runs if handleIdAndPassLogin calls next()
// after it has handled the request — confirm in @server/lib/auth.
tokensRouter.post('/token', loginRateLimiter, handleIdAndPassLogin, tokenSuccess)

// Revocation. Requires an authenticated caller; unlike /token, no rate limiter
// is attached to this route here.
tokensRouter.post('/revoke-token', authenticate, asyncMiddleware(handleTokenRevocation), tokenSuccess)
26 | ||
27 | // --------------------------------------------------------------------------- | |
28 | ||
29 | export { | |
30 | tokensRouter | |
31 | } | |
32 | // --------------------------------------------------------------------------- | |
33 | ||
/**
 * Final handler of both token routes: notifies plugins through the
 * 'action:api.user.oauth2-got-token' hook.
 *
 * It takes only `req`, so it neither sends a response nor calls next();
 * NOTE(review): the response is presumably produced by an earlier handler —
 * confirm.
 *
 * Security notes for hook consumers:
 * - `username` is read straight from the request body and is not validated
 *   in this function; treat it as client-supplied, and do not assume it is a
 *   string or that it is present.
 * - `ip` is Express's req.ip, whose value depends on the 'trust proxy'
 *   setting when the server sits behind a proxy.
 * - This handler is also registered on /revoke-token, so the "got-token"
 *   action fires after a revocation as well. NOTE(review): confirm that is
 *   intended.
 */
function tokenSuccess (req: express.Request) {
  const { username } = req.body
  const hookPayload = { username, ip: req.ip }

  Hooks.runAction('action:api.user.oauth2-got-token', hookPayload)
}