aboutsummaryrefslogtreecommitdiffhomepage
path: root/server/controllers/api/users/index.ts
diff options
context:
space:
mode:
Diffstat (limited to 'server/controllers/api/users/index.ts')
-rw-r--r--server/controllers/api/users/index.ts35
1 files changed, 4 insertions, 31 deletions
diff --git a/server/controllers/api/users/index.ts b/server/controllers/api/users/index.ts
index b30f42b43..c488f720b 100644
--- a/server/controllers/api/users/index.ts
+++ b/server/controllers/api/users/index.ts
@@ -26,12 +26,12 @@ import {
26 usersUpdateValidator 26 usersUpdateValidator
27} from '../../../middlewares' 27} from '../../../middlewares'
28import { 28import {
29 ensureCanManageUser,
29 usersAskResetPasswordValidator, 30 usersAskResetPasswordValidator,
30 usersAskSendVerifyEmailValidator, 31 usersAskSendVerifyEmailValidator,
31 usersBlockingValidator, 32 usersBlockingValidator,
32 usersResetPasswordValidator, 33 usersResetPasswordValidator,
33 usersVerifyEmailValidator, 34 usersVerifyEmailValidator
34 ensureCanManageUser
35} from '../../../middlewares/validators' 35} from '../../../middlewares/validators'
36import { UserModel } from '../../../models/account/user' 36import { UserModel } from '../../../models/account/user'
37import { auditLoggerFactory, getAuditIdFromRes, UserAuditView } from '../../../helpers/audit-logger' 37import { auditLoggerFactory, getAuditIdFromRes, UserAuditView } from '../../../helpers/audit-logger'
@@ -49,15 +49,10 @@ import { UserAdminFlag } from '../../../../shared/models/users/user-flag.model'
49import { UserRegister } from '../../../../shared/models/users/user-register.model' 49import { UserRegister } from '../../../../shared/models/users/user-register.model'
50import { MUser, MUserAccountDefault } from '@server/typings/models' 50import { MUser, MUserAccountDefault } from '@server/typings/models'
51import { Hooks } from '@server/lib/plugins/hooks' 51import { Hooks } from '@server/lib/plugins/hooks'
52import { handleIdAndPassLogin } from '@server/lib/auth' 52import { tokensRouter } from '@server/controllers/api/users/token'
53 53
54const auditLogger = auditLoggerFactory('users') 54const auditLogger = auditLoggerFactory('users')
55 55
56const loginRateLimiter = RateLimit({
57 windowMs: CONFIG.RATES_LIMIT.LOGIN.WINDOW_MS,
58 max: CONFIG.RATES_LIMIT.LOGIN.MAX
59})
60
61// @ts-ignore 56// @ts-ignore
62const signupRateLimiter = RateLimit({ 57const signupRateLimiter = RateLimit({
63 windowMs: CONFIG.RATES_LIMIT.SIGNUP.WINDOW_MS, 58 windowMs: CONFIG.RATES_LIMIT.SIGNUP.WINDOW_MS,
@@ -72,6 +67,7 @@ const askSendEmailLimiter = new RateLimit({
72}) 67})
73 68
74const usersRouter = express.Router() 69const usersRouter = express.Router()
70usersRouter.use('/', tokensRouter)
75usersRouter.use('/', myNotificationsRouter) 71usersRouter.use('/', myNotificationsRouter)
76usersRouter.use('/', mySubscriptionsRouter) 72usersRouter.use('/', mySubscriptionsRouter)
77usersRouter.use('/', myBlocklistRouter) 73usersRouter.use('/', myBlocklistRouter)
@@ -168,23 +164,6 @@ usersRouter.post('/:id/verify-email',
168 asyncMiddleware(verifyUserEmail) 164 asyncMiddleware(verifyUserEmail)
169) 165)
170 166
171usersRouter.post('/token',
172 loginRateLimiter,
173 handleIdAndPassLogin,
174 tokenSuccess
175)
176usersRouter.post('/token',
177 loginRateLimiter,
178 handleIdAndPassLogin,
179 tokenSuccess
180)
181usersRouter.post('/revoke-token',
182 loginRateLimiter,
183 handleIdAndPassLogin,
184 tokenSuccess
185)
186// TODO: Once https://github.com/oauthjs/node-oauth2-server/pull/289 is merged, implement revoke token route
187
188// --------------------------------------------------------------------------- 167// ---------------------------------------------------------------------------
189 168
190export { 169export {
@@ -391,12 +370,6 @@ async function verifyUserEmail (req: express.Request, res: express.Response) {
391 return res.status(204).end() 370 return res.status(204).end()
392} 371}
393 372
394function tokenSuccess (req: express.Request) {
395 const username = req.body.username
396
397 Hooks.runAction('action:api.user.oauth2-got-token', { username, ip: req.ip })
398}
399
400async function changeUserBlock (res: express.Response, user: MUserAccountDefault, block: boolean, reason?: string) { 373async function changeUserBlock (res: express.Response, user: MUserAccountDefault, block: boolean, reason?: string) {
401 const oldUserAuditView = new UserAuditView(user.toFormattedJSON()) 374 const oldUserAuditView = new UserAuditView(user.toFormattedJSON())
402 375