X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=server%2Fcontrollers%2Fapi%2Fusers%2Findex.ts;h=839431afb26f5869b633ea454bdfd895fb52270f;hb=8491293b02ed2ec53eb0fa128161ea0b08d3def9;hp=98eb2beedaf34581b55cbc18e2817484842b821b;hpb=134cf2bce96a8c5aefd55154e884964975d8cf23;p=github%2FChocobozzz%2FPeerTube.git diff --git a/server/controllers/api/users/index.ts b/server/controllers/api/users/index.ts index 98eb2beed..839431afb 100644 --- a/server/controllers/api/users/index.ts +++ b/server/controllers/api/users/index.ts @@ -17,8 +17,8 @@ import { paginationValidator, setDefaultPagination, setDefaultSort, - token, userAutocompleteValidator, + usersListValidator, usersAddValidator, usersGetValidator, usersRegisterValidator, @@ -27,12 +27,12 @@ import { usersUpdateValidator } from '../../../middlewares' import { + ensureCanManageUser, usersAskResetPasswordValidator, usersAskSendVerifyEmailValidator, usersBlockingValidator, usersResetPasswordValidator, - usersVerifyEmailValidator, - ensureCanManageUser + usersVerifyEmailValidator } from '../../../middlewares/validators' import { UserModel } from '../../../models/account/user' import { auditLoggerFactory, getAuditIdFromRes, UserAuditView } from '../../../helpers/audit-logger' @@ -48,30 +48,25 @@ import { CONFIG } from '../../../initializers/config' import { sequelizeTypescript } from '../../../initializers/database' import { UserAdminFlag } from '../../../../shared/models/users/user-flag.model' import { UserRegister } from '../../../../shared/models/users/user-register.model' -import { MUser, MUserAccountDefault } from '@server/typings/models' +import { MUser, MUserAccountDefault } from '@server/types/models' import { Hooks } from '@server/lib/plugins/hooks' +import { tokensRouter } from '@server/controllers/api/users/token' const auditLogger = auditLoggerFactory('users') -const loginRateLimiter = RateLimit({ - windowMs: CONFIG.RATES_LIMIT.LOGIN.WINDOW_MS, - max: CONFIG.RATES_LIMIT.LOGIN.MAX -}) - -// @ts-ignore const signupRateLimiter = RateLimit({ windowMs: CONFIG.RATES_LIMIT.SIGNUP.WINDOW_MS, max: CONFIG.RATES_LIMIT.SIGNUP.MAX, skipFailedRequests: true }) -// @ts-ignore -const askSendEmailLimiter = new RateLimit({ +const askSendEmailLimiter = RateLimit({ windowMs: CONFIG.RATES_LIMIT.ASK_SEND_EMAIL.WINDOW_MS, max: CONFIG.RATES_LIMIT.ASK_SEND_EMAIL.MAX }) const usersRouter = express.Router() +usersRouter.use('/', tokensRouter) usersRouter.use('/', myNotificationsRouter) usersRouter.use('/', mySubscriptionsRouter) usersRouter.use('/', myBlocklistRouter) @@ -91,6 +86,7 @@ usersRouter.get('/', usersSortValidator, setDefaultSort, setDefaultPagination, + asyncMiddleware(usersListValidator), asyncMiddleware(listUsers) ) @@ -168,13 +164,6 @@ usersRouter.post('/:id/verify-email', asyncMiddleware(verifyUserEmail) ) -usersRouter.post('/token', - loginRateLimiter, - token, - tokenSuccess -) -// TODO: Once https://github.com/oauthjs/node-oauth2-server/pull/289 is merged, implement revoke token route - // --------------------------------------------------------------------------- export { @@ -295,7 +284,13 @@ async function autocompleteUsers (req: express.Request, res: express.Response) { } async function listUsers (req: express.Request, res: express.Response) { - const resultList = await UserModel.listForApi(req.query.start, req.query.count, req.query.sort, req.query.search) + const resultList = await UserModel.listForApi({ + start: req.query.start, + count: req.query.count, + sort: req.query.sort, + search: req.query.search, + blocked: req.query.blocked + }) return res.json(getFormattedObjects(resultList.data, resultList.total, { withAdminFlags: true })) } @@ -381,12 +376,6 @@ async function verifyUserEmail (req: express.Request, res: express.Response) { return res.status(204).end() } -function tokenSuccess (req: express.Request) { - const username = req.body.username - - Hooks.runAction('action:api.user.oauth2-got-token', { username, ip: req.ip }) -} - async function changeUserBlock (res: express.Response, user: MUserAccountDefault, block: boolean, reason?: string) { const oldUserAuditView = new UserAuditView(user.toFormattedJSON())