aboutsummaryrefslogtreecommitdiffhomepage
path: root/server/controllers/api/users
diff options
context:
space:
mode:
Diffstat (limited to 'server/controllers/api/users')
-rw-r--r--server/controllers/api/users/index.ts35
-rw-r--r--server/controllers/api/users/token.ts38
2 files changed, 42 insertions, 31 deletions
diff --git a/server/controllers/api/users/index.ts b/server/controllers/api/users/index.ts
index b30f42b43..c488f720b 100644
--- a/server/controllers/api/users/index.ts
+++ b/server/controllers/api/users/index.ts
@@ -26,12 +26,12 @@ import {
26 usersUpdateValidator 26 usersUpdateValidator
27} from '../../../middlewares' 27} from '../../../middlewares'
28import { 28import {
29 ensureCanManageUser,
29 usersAskResetPasswordValidator, 30 usersAskResetPasswordValidator,
30 usersAskSendVerifyEmailValidator, 31 usersAskSendVerifyEmailValidator,
31 usersBlockingValidator, 32 usersBlockingValidator,
32 usersResetPasswordValidator, 33 usersResetPasswordValidator,
33 usersVerifyEmailValidator, 34 usersVerifyEmailValidator
34 ensureCanManageUser
35} from '../../../middlewares/validators' 35} from '../../../middlewares/validators'
36import { UserModel } from '../../../models/account/user' 36import { UserModel } from '../../../models/account/user'
37import { auditLoggerFactory, getAuditIdFromRes, UserAuditView } from '../../../helpers/audit-logger' 37import { auditLoggerFactory, getAuditIdFromRes, UserAuditView } from '../../../helpers/audit-logger'
@@ -49,15 +49,10 @@ import { UserAdminFlag } from '../../../../shared/models/users/user-flag.model'
49import { UserRegister } from '../../../../shared/models/users/user-register.model' 49import { UserRegister } from '../../../../shared/models/users/user-register.model'
50import { MUser, MUserAccountDefault } from '@server/typings/models' 50import { MUser, MUserAccountDefault } from '@server/typings/models'
51import { Hooks } from '@server/lib/plugins/hooks' 51import { Hooks } from '@server/lib/plugins/hooks'
52import { handleIdAndPassLogin } from '@server/lib/auth' 52import { tokensRouter } from '@server/controllers/api/users/token'
53 53
54const auditLogger = auditLoggerFactory('users') 54const auditLogger = auditLoggerFactory('users')
55 55
56const loginRateLimiter = RateLimit({
57 windowMs: CONFIG.RATES_LIMIT.LOGIN.WINDOW_MS,
58 max: CONFIG.RATES_LIMIT.LOGIN.MAX
59})
60
61// @ts-ignore 56// @ts-ignore
62const signupRateLimiter = RateLimit({ 57const signupRateLimiter = RateLimit({
63 windowMs: CONFIG.RATES_LIMIT.SIGNUP.WINDOW_MS, 58 windowMs: CONFIG.RATES_LIMIT.SIGNUP.WINDOW_MS,
@@ -72,6 +67,7 @@ const askSendEmailLimiter = new RateLimit({
72}) 67})
73 68
74const usersRouter = express.Router() 69const usersRouter = express.Router()
70usersRouter.use('/', tokensRouter)
75usersRouter.use('/', myNotificationsRouter) 71usersRouter.use('/', myNotificationsRouter)
76usersRouter.use('/', mySubscriptionsRouter) 72usersRouter.use('/', mySubscriptionsRouter)
77usersRouter.use('/', myBlocklistRouter) 73usersRouter.use('/', myBlocklistRouter)
@@ -168,23 +164,6 @@ usersRouter.post('/:id/verify-email',
168 asyncMiddleware(verifyUserEmail) 164 asyncMiddleware(verifyUserEmail)
169) 165)
170 166
171usersRouter.post('/token',
172 loginRateLimiter,
173 handleIdAndPassLogin,
174 tokenSuccess
175)
176usersRouter.post('/token',
177 loginRateLimiter,
178 handleIdAndPassLogin,
179 tokenSuccess
180)
181usersRouter.post('/revoke-token',
182 loginRateLimiter,
183 handleIdAndPassLogin,
184 tokenSuccess
185)
186// TODO: Once https://github.com/oauthjs/node-oauth2-server/pull/289 is merged, implement revoke token route
187
188// --------------------------------------------------------------------------- 167// ---------------------------------------------------------------------------
189 168
190export { 169export {
@@ -391,12 +370,6 @@ async function verifyUserEmail (req: express.Request, res: express.Response) {
391 return res.status(204).end() 370 return res.status(204).end()
392} 371}
393 372
394function tokenSuccess (req: express.Request) {
395 const username = req.body.username
396
397 Hooks.runAction('action:api.user.oauth2-got-token', { username, ip: req.ip })
398}
399
400async function changeUserBlock (res: express.Response, user: MUserAccountDefault, block: boolean, reason?: string) { 373async function changeUserBlock (res: express.Response, user: MUserAccountDefault, block: boolean, reason?: string) {
401 const oldUserAuditView = new UserAuditView(user.toFormattedJSON()) 374 const oldUserAuditView = new UserAuditView(user.toFormattedJSON())
402 375
diff --git a/server/controllers/api/users/token.ts b/server/controllers/api/users/token.ts
new file mode 100644
index 000000000..9694f9e5e
--- /dev/null
+++ b/server/controllers/api/users/token.ts
@@ -0,0 +1,38 @@
1import { handleIdAndPassLogin, handleTokenRevocation } from '@server/lib/auth'
2import * as RateLimit from 'express-rate-limit'
3import { CONFIG } from '@server/initializers/config'
4import * as express from 'express'
5import { Hooks } from '@server/lib/plugins/hooks'
6import { asyncMiddleware, authenticate } from '@server/middlewares'
7
8const tokensRouter = express.Router()
9
10const loginRateLimiter = RateLimit({
11 windowMs: CONFIG.RATES_LIMIT.LOGIN.WINDOW_MS,
12 max: CONFIG.RATES_LIMIT.LOGIN.MAX
13})
14
15tokensRouter.post('/token',
16 loginRateLimiter,
17 handleIdAndPassLogin,
18 tokenSuccess
19)
20
21tokensRouter.post('/revoke-token',
22 authenticate,
23 asyncMiddleware(handleTokenRevocation),
24 tokenSuccess
25)
26
27// ---------------------------------------------------------------------------
28
29export {
30 tokensRouter
31}
32// ---------------------------------------------------------------------------
33
34function tokenSuccess (req: express.Request) {
35 const username = req.body.username
36
37 Hooks.runAction('action:api.user.oauth2-got-token', { username, ip: req.ip })
38}