From e1c5503114deef954731904695cd40dccfcef555 Mon Sep 17 00:00:00 2001
From: Chocobozzz <me@florianbigard.com>
Date: Thu, 23 Apr 2020 11:36:50 +0200
Subject: Support logout and add id and pass tests

---
 server/controllers/api/users/token.ts | 38 +++++++++++++++++++++++++++++++++++
 1 file changed, 38 insertions(+)
 create mode 100644 server/controllers/api/users/token.ts

(limited to 'server/controllers/api/users/token.ts')

diff --git a/server/controllers/api/users/token.ts b/server/controllers/api/users/token.ts
new file mode 100644
index 000000000..9694f9e5e
--- /dev/null
+++ b/server/controllers/api/users/token.ts
@@ -0,0 +1,38 @@
+import { handleIdAndPassLogin, handleTokenRevocation } from '@server/lib/auth'
+import * as RateLimit from 'express-rate-limit'
+import { CONFIG } from '@server/initializers/config'
+import * as express from 'express'
+import { Hooks } from '@server/lib/plugins/hooks'
+import { asyncMiddleware, authenticate } from '@server/middlewares'
+
+const tokensRouter = express.Router()
+
+const loginRateLimiter = RateLimit({
+  windowMs: CONFIG.RATES_LIMIT.LOGIN.WINDOW_MS,
+  max: CONFIG.RATES_LIMIT.LOGIN.MAX
+})
+
+tokensRouter.post('/token',
+  loginRateLimiter,
+  handleIdAndPassLogin,
+  tokenSuccess
+)
+
+tokensRouter.post('/revoke-token',
+  authenticate,
+  asyncMiddleware(handleTokenRevocation),
+  tokenSuccess
+)
+
+// ---------------------------------------------------------------------------
+
+export {
+  tokensRouter
+}
+// ---------------------------------------------------------------------------
+
+function tokenSuccess (req: express.Request) {
+  const username = req.body.username
+
+  Hooks.runAction('action:api.user.oauth2-got-token', { username, ip: req.ip })
+}
-- 
cgit v1.2.3