import * as express from 'express'
import * as RateLimit from 'express-rate-limit'
-import { v4 as uuidv4 } from 'uuid'
import { logger } from '@server/helpers/logger'
+import { buildUUID } from '@server/helpers/uuid'
import { CONFIG } from '@server/initializers/config'
import { getAuthNameFromRefreshGrant, getBypassFromExternalAuth, getBypassFromPasswordGrant } from '@server/lib/auth/external-auth'
import { handleOAuthToken } from '@server/lib/auth/oauth'
import { BypassLogin, revokeToken } from '@server/lib/auth/oauth-model'
import { Hooks } from '@server/lib/plugins/hooks'
-import { asyncMiddleware, authenticate } from '@server/middlewares'
+import { asyncMiddleware, authenticate, openapiOperationDoc } from '@server/middlewares'
import { ScopedToken } from '@shared/models/users/user-scoped-token'
const tokensRouter = express.Router()
tokensRouter.post('/token',
loginRateLimiter,
+ openapiOperationDoc({ operationId: 'getOAuthToken' }),
asyncMiddleware(handleToken)
)
tokensRouter.post('/revoke-token',
+ openapiOperationDoc({ operationId: 'revokeOAuthToken' }),
authenticate,
asyncMiddleware(handleTokenRevocation)
)
} catch (err) {
logger.warn('Login error', { err })
- return res.status(err.code || 400).json({
- code: err.name,
- error: err.message
+ return res.fail({
+ status: err.code,
+ message: err.message,
+ type: err.name
})
}
}
async function renewScopedTokens (req: express.Request, res: express.Response) {
const user = res.locals.oauth.token.user
- user.feedToken = uuidv4()
+ user.feedToken = buildUUID()
await user.save()
return res.json({