]>
Commit | Line | Data |
---|---|---|
f201a749 | 1 | import { |
d175a6f7 | 2 | AfterDestroy, |
f201a749 C |
3 | AfterUpdate, |
4 | AllowNull, | |
5 | BelongsTo, | |
6 | Column, | |
7 | CreatedAt, | |
8 | ForeignKey, | |
9 | Model, | |
10 | Scopes, | |
11 | Table, | |
12 | UpdatedAt | |
13 | } from 'sequelize-typescript' | |
da854ddd | 14 | import { logger } from '../../helpers/logger' |
3fd3ab2d C |
15 | import { UserModel } from '../account/user' |
16 | import { OAuthClientModel } from './oauth-client' | |
e6921918 | 17 | import { Transaction } from 'sequelize' |
91411dba C |
18 | import { AccountModel } from '../account/account' |
19 | import { ActorModel } from '../activitypub/actor' | |
f201a749 | 20 | import { clearCacheByToken } from '../../lib/oauth-model' |
453e83ea | 21 | import * as Bluebird from 'bluebird' |
26d6bf65 | 22 | import { MOAuthTokenUser } from '@server/types/models/oauth/oauth-token' |
3fd3ab2d C |
23 | |
24 | export type OAuthTokenInfo = { | |
25 | refreshToken: string | |
a1587156 | 26 | refreshTokenExpiresAt: Date |
3fd3ab2d C |
27 | client: { |
28 | id: number | |
a1587156 | 29 | } |
3fd3ab2d C |
30 | user: { |
31 | id: number | |
32 | } | |
e307e4fc | 33 | token: MOAuthTokenUser |
3fd3ab2d | 34 | } |
2f372a86 | 35 | |
d48ff09d | 36 | enum ScopeNames { |
91411dba | 37 | WITH_USER = 'WITH_USER' |
d48ff09d C |
38 | } |
39 | ||
3acc5084 | 40 | @Scopes(() => ({ |
91411dba | 41 | [ScopeNames.WITH_USER]: { |
d48ff09d C |
42 | include: [ |
43 | { | |
3acc5084 | 44 | model: UserModel.unscoped(), |
91411dba | 45 | required: true, |
d48ff09d C |
46 | include: [ |
47 | { | |
91411dba | 48 | attributes: [ 'id' ], |
3acc5084 | 49 | model: AccountModel.unscoped(), |
91411dba C |
50 | required: true, |
51 | include: [ | |
52 | { | |
5c6d985f | 53 | attributes: [ 'id', 'url' ], |
3acc5084 | 54 | model: ActorModel.unscoped(), |
91411dba C |
55 | required: true |
56 | } | |
57 | ] | |
d48ff09d C |
58 | } |
59 | ] | |
60 | } | |
3acc5084 | 61 | ] |
d48ff09d | 62 | } |
3acc5084 | 63 | })) |
3fd3ab2d C |
64 | @Table({ |
65 | tableName: 'oAuthToken', | |
66 | indexes: [ | |
feb4bdfd | 67 | { |
3fd3ab2d C |
68 | fields: [ 'refreshToken' ], |
69 | unique: true | |
feb4bdfd C |
70 | }, |
71 | { | |
3fd3ab2d C |
72 | fields: [ 'accessToken' ], |
73 | unique: true | |
74 | }, | |
75 | { | |
76 | fields: [ 'userId' ] | |
77 | }, | |
78 | { | |
79 | fields: [ 'oAuthClientId' ] | |
feb4bdfd | 80 | } |
3fd3ab2d C |
81 | ] |
82 | }) | |
83 | export class OAuthTokenModel extends Model<OAuthTokenModel> { | |
feb4bdfd | 84 | |
3fd3ab2d C |
85 | @AllowNull(false) |
86 | @Column | |
87 | accessToken: string | |
e02643f3 | 88 | |
3fd3ab2d C |
89 | @AllowNull(false) |
90 | @Column | |
91 | accessTokenExpiresAt: Date | |
e02643f3 | 92 | |
3fd3ab2d C |
93 | @AllowNull(false) |
94 | @Column | |
95 | refreshToken: string | |
69b0a27c | 96 | |
3fd3ab2d C |
97 | @AllowNull(false) |
98 | @Column | |
99 | refreshTokenExpiresAt: Date | |
69b0a27c | 100 | |
e1c55031 C |
101 | @Column |
102 | authName: string | |
103 | ||
3fd3ab2d C |
104 | @CreatedAt |
105 | createdAt: Date | |
106 | ||
107 | @UpdatedAt | |
108 | updatedAt: Date | |
109 | ||
110 | @ForeignKey(() => UserModel) | |
111 | @Column | |
112 | userId: number | |
113 | ||
114 | @BelongsTo(() => UserModel, { | |
feb4bdfd | 115 | foreignKey: { |
feb4bdfd C |
116 | allowNull: false |
117 | }, | |
118 | onDelete: 'cascade' | |
119 | }) | |
3fd3ab2d | 120 | User: UserModel |
319d072e | 121 | |
3fd3ab2d C |
122 | @ForeignKey(() => OAuthClientModel) |
123 | @Column | |
124 | oAuthClientId: number | |
125 | ||
126 | @BelongsTo(() => OAuthClientModel, { | |
319d072e | 127 | foreignKey: { |
319d072e C |
128 | allowNull: false |
129 | }, | |
130 | onDelete: 'cascade' | |
131 | }) | |
3fd3ab2d | 132 | OAuthClients: OAuthClientModel[] |
feb4bdfd | 133 | |
f201a749 | 134 | @AfterUpdate |
d175a6f7 | 135 | @AfterDestroy |
f201a749 C |
136 | static removeTokenCache (token: OAuthTokenModel) { |
137 | return clearCacheByToken(token.accessToken) | |
138 | } | |
139 | ||
e307e4fc C |
140 | static loadByRefreshToken (refreshToken: string) { |
141 | const query = { | |
142 | where: { refreshToken } | |
143 | } | |
144 | ||
145 | return OAuthTokenModel.findOne(query) | |
146 | } | |
147 | ||
3fd3ab2d C |
148 | static getByRefreshTokenAndPopulateClient (refreshToken: string) { |
149 | const query = { | |
150 | where: { | |
e307e4fc | 151 | refreshToken |
3fd3ab2d C |
152 | }, |
153 | include: [ OAuthClientModel ] | |
154 | } | |
155 | ||
e307e4fc C |
156 | return OAuthTokenModel.scope(ScopeNames.WITH_USER) |
157 | .findOne(query) | |
158 | .then(token => { | |
159 | if (!token) return null | |
160 | ||
161 | return { | |
162 | refreshToken: token.refreshToken, | |
163 | refreshTokenExpiresAt: token.refreshTokenExpiresAt, | |
164 | client: { | |
165 | id: token.oAuthClientId | |
166 | }, | |
716adfae | 167 | user: token.User, |
e307e4fc C |
168 | token |
169 | } as OAuthTokenInfo | |
170 | }) | |
171 | .catch(err => { | |
172 | logger.error('getRefreshToken error.', { err }) | |
173 | throw err | |
174 | }) | |
feb4bdfd C |
175 | } |
176 | ||
453e83ea | 177 | static getByTokenAndPopulateUser (bearerToken: string): Bluebird<MOAuthTokenUser> { |
3fd3ab2d C |
178 | const query = { |
179 | where: { | |
180 | accessToken: bearerToken | |
d48ff09d | 181 | } |
3fd3ab2d | 182 | } |
2f372a86 | 183 | |
3acc5084 C |
184 | return OAuthTokenModel.scope(ScopeNames.WITH_USER) |
185 | .findOne(query) | |
186 | .then(token => { | |
453e83ea | 187 | if (!token) return null |
69b0a27c | 188 | |
453e83ea | 189 | return Object.assign(token, { user: token.User }) |
3acc5084 | 190 | }) |
feb4bdfd C |
191 | } |
192 | ||
453e83ea | 193 | static getByRefreshTokenAndPopulateUser (refreshToken: string): Bluebird<MOAuthTokenUser> { |
3fd3ab2d C |
194 | const query = { |
195 | where: { | |
e307e4fc | 196 | refreshToken |
d48ff09d | 197 | } |
3fd3ab2d | 198 | } |
feb4bdfd | 199 | |
91411dba | 200 | return OAuthTokenModel.scope(ScopeNames.WITH_USER) |
d48ff09d C |
201 | .findOne(query) |
202 | .then(token => { | |
e307e4fc | 203 | if (!token) return undefined |
453e83ea C |
204 | |
205 | return Object.assign(token, { user: token.User }) | |
d48ff09d | 206 | }) |
feb4bdfd | 207 | } |
f8b8c36b | 208 | |
e6921918 | 209 | static deleteUserToken (userId: number, t?: Transaction) { |
f8b8c36b C |
210 | const query = { |
211 | where: { | |
212 | userId | |
e6921918 C |
213 | }, |
214 | transaction: t | |
f8b8c36b C |
215 | } |
216 | ||
217 | return OAuthTokenModel.destroy(query) | |
218 | } | |
2f372a86 | 219 | } |