aboutsummaryrefslogblamecommitdiffhomepage
path: root/server/controllers/api/users/token.ts
blob: 41aa2676916bf0c0656d717b6fd123ce9836d8e4 (plain) (tree)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
                                                                     













                                                                   
              



                                  
                                        












                                                                               
import { handleLogin, handleTokenRevocation } from '@server/lib/auth'
import * as RateLimit from 'express-rate-limit'
import { CONFIG } from '@server/initializers/config'
import * as express from 'express'
import { Hooks } from '@server/lib/plugins/hooks'
import { asyncMiddleware, authenticate } from '@server/middlewares'

const tokensRouter = express.Router()

const loginRateLimiter = RateLimit({
  windowMs: CONFIG.RATES_LIMIT.LOGIN.WINDOW_MS,
  max: CONFIG.RATES_LIMIT.LOGIN.MAX
})

tokensRouter.post('/token',
  loginRateLimiter,
  handleLogin,
  tokenSuccess
)

tokensRouter.post('/revoke-token',
  authenticate,
  asyncMiddleware(handleTokenRevocation)
)

// ---------------------------------------------------------------------------

export {
  tokensRouter
}
// ---------------------------------------------------------------------------

function tokenSuccess (req: express.Request) {
  const username = req.body.username

  Hooks.runAction('action:api.user.oauth2-got-token', { username, ip: req.ip })
}