-import * as express from 'express'
-import * as RateLimit from 'express-rate-limit'
-import { v4 as uuidv4 } from 'uuid'
+import express from 'express'
import { logger } from '@server/helpers/logger'
import { CONFIG } from '@server/initializers/config'
import { getAuthNameFromRefreshGrant, getBypassFromExternalAuth, getBypassFromPasswordGrant } from '@server/lib/auth/external-auth'
import { handleOAuthToken } from '@server/lib/auth/oauth'
import { BypassLogin, revokeToken } from '@server/lib/auth/oauth-model'
import { Hooks } from '@server/lib/plugins/hooks'
-import { asyncMiddleware, authenticate, openapiOperationDoc } from '@server/middlewares'
+import { asyncMiddleware, authenticate, buildRateLimiter, openapiOperationDoc } from '@server/middlewares'
+import { buildUUID } from '@shared/extra-utils'
import { ScopedToken } from '@shared/models/users/user-scoped-token'
const tokensRouter = express.Router()
-const loginRateLimiter = RateLimit({
+const loginRateLimiter = buildRateLimiter({
windowMs: CONFIG.RATES_LIMIT.LOGIN.WINDOW_MS,
max: CONFIG.RATES_LIMIT.LOGIN.MAX
})
res.set('Cache-Control', 'no-store')
res.set('Pragma', 'no-cache')
- Hooks.runAction('action:api.user.oauth2-got-token', { username: token.user.username, ip: req.ip })
+ Hooks.runAction('action:api.user.oauth2-got-token', { username: token.user.username, ip: req.ip, req, res })
return res.json({
token_type: 'Bearer',
async function renewScopedTokens (req: express.Request, res: express.Response) {
const user = res.locals.oauth.token.user
- user.feedToken = uuidv4()
+ user.feedToken = buildUUID()
await user.save()
return res.json({
projects / github / Chocobozzz / PeerTube.git / blobdiff