1 import { handleLogin, handleTokenRevocation } from '@server/lib/auth'
2 import * as RateLimit from 'express-rate-limit'
3 import { CONFIG } from '@server/initializers/config'
4 import * as express from 'express'
5 import { Hooks } from '@server/lib/plugins/hooks'
6 import { asyncMiddleware, authenticate } from '@server/middlewares'
8 const tokensRouter = express.Router()
10 const loginRateLimiter = RateLimit({
11 windowMs: CONFIG.RATES_LIMIT.LOGIN.WINDOW_MS,
12 max: CONFIG.RATES_LIMIT.LOGIN.MAX
15 tokensRouter.post('/token',
21 tokensRouter.post('/revoke-token',
23 asyncMiddleware(handleTokenRevocation)
26 // ---------------------------------------------------------------------------
31 // ---------------------------------------------------------------------------
33 function tokenSuccess (req: express.Request) {
34 const username = req.body.username
36 Hooks.runAction('action:api.user.oauth2-got-token', { username, ip: req.ip })