diff options
Diffstat (limited to 'server/controllers/api/users/token.ts')
| -rw-r--r-- | server/controllers/api/users/token.ts | 15 |
1 files changed, 9 insertions, 6 deletions
diff --git a/server/controllers/api/users/token.ts b/server/controllers/api/users/token.ts index 694bb0a92..b405ddbf4 100644 --- a/server/controllers/api/users/token.ts +++ b/server/controllers/api/users/token.ts | |||
| @@ -1,13 +1,13 @@ | |||
| 1 | import * as express from 'express' | 1 | import * as express from 'express' |
| 2 | import * as RateLimit from 'express-rate-limit' | 2 | import * as RateLimit from 'express-rate-limit' |
| 3 | import { v4 as uuidv4 } from 'uuid' | ||
| 4 | import { logger } from '@server/helpers/logger' | 3 | import { logger } from '@server/helpers/logger' |
| 4 | import { buildUUID } from '@server/helpers/uuid' | ||
| 5 | import { CONFIG } from '@server/initializers/config' | 5 | import { CONFIG } from '@server/initializers/config' |
| 6 | import { getAuthNameFromRefreshGrant, getBypassFromExternalAuth, getBypassFromPasswordGrant } from '@server/lib/auth/external-auth' | 6 | import { getAuthNameFromRefreshGrant, getBypassFromExternalAuth, getBypassFromPasswordGrant } from '@server/lib/auth/external-auth' |
| 7 | import { handleOAuthToken } from '@server/lib/auth/oauth' | 7 | import { handleOAuthToken } from '@server/lib/auth/oauth' |
| 8 | import { BypassLogin, revokeToken } from '@server/lib/auth/oauth-model' | 8 | import { BypassLogin, revokeToken } from '@server/lib/auth/oauth-model' |
| 9 | import { Hooks } from '@server/lib/plugins/hooks' | 9 | import { Hooks } from '@server/lib/plugins/hooks' |
| 10 | import { asyncMiddleware, authenticate } from '@server/middlewares' | 10 | import { asyncMiddleware, authenticate, openapiOperationDoc } from '@server/middlewares' |
| 11 | import { ScopedToken } from '@shared/models/users/user-scoped-token' | 11 | import { ScopedToken } from '@shared/models/users/user-scoped-token' |
| 12 | 12 | ||
| 13 | const tokensRouter = express.Router() | 13 | const tokensRouter = express.Router() |
| @@ -19,10 +19,12 @@ const loginRateLimiter = RateLimit({ | |||
| 19 | 19 | ||
| 20 | tokensRouter.post('/token', | 20 | tokensRouter.post('/token', |
| 21 | loginRateLimiter, | 21 | loginRateLimiter, |
| 22 | openapiOperationDoc({ operationId: 'getOAuthToken' }), | ||
| 22 | asyncMiddleware(handleToken) | 23 | asyncMiddleware(handleToken) |
| 23 | ) | 24 | ) |
| 24 | 25 | ||
| 25 | tokensRouter.post('/revoke-token', | 26 | tokensRouter.post('/revoke-token', |
| 27 | openapiOperationDoc({ operationId: 'revokeOAuthToken' }), | ||
| 26 | authenticate, | 28 | authenticate, |
| 27 | asyncMiddleware(handleTokenRevocation) | 29 | asyncMiddleware(handleTokenRevocation) |
| 28 | ) | 30 | ) |
| @@ -78,9 +80,10 @@ async function handleToken (req: express.Request, res: express.Response, next: e | |||
| 78 | } catch (err) { | 80 | } catch (err) { |
| 79 | logger.warn('Login error', { err }) | 81 | logger.warn('Login error', { err }) |
| 80 | 82 | ||
| 81 | return res.status(err.code || 400).json({ | 83 | return res.fail({ |
| 82 | code: err.name, | 84 | status: err.code, |
| 83 | error: err.message | 85 | message: err.message, |
| 86 | type: err.name | ||
| 84 | }) | 87 | }) |
| 85 | } | 88 | } |
| 86 | } | 89 | } |
| @@ -104,7 +107,7 @@ function getScopedTokens (req: express.Request, res: express.Response) { | |||
| 104 | async function renewScopedTokens (req: express.Request, res: express.Response) { | 107 | async function renewScopedTokens (req: express.Request, res: express.Response) { |
| 105 | const user = res.locals.oauth.token.user | 108 | const user = res.locals.oauth.token.user |
| 106 | 109 | ||
| 107 | user.feedToken = uuidv4() | 110 | user.feedToken = buildUUID() |
| 108 | await user.save() | 111 | await user.save() |
| 109 | 112 | ||
| 110 | return res.json({ | 113 | return res.json({ |