/* * SPDX-FileCopyrightText: syuilo and other misskey contributors * SPDX-License-Identifier: AGPL-3.0-only */ import { Inject, Injectable } from '@nestjs/common'; import { Endpoint } from '@/server/api/endpoint-base.js'; import type { AccessTokensRepository } from '@/models/_.js'; import { IdService } from '@/core/IdService.js'; import { secureRndstr } from '@/misc/secure-rndstr.js'; import { DI } from '@/di-symbols.js'; export const meta = { tags: ['auth'], requireCredential: true, secure: true, res: { type: 'object', optional: false, nullable: false, properties: { token: { type: 'string', optional: false, nullable: false, }, }, }, } as const; export const paramDef = { type: 'object', properties: { session: { type: 'string', nullable: true }, name: { type: 'string', nullable: true }, description: { type: 'string', nullable: true }, iconUrl: { type: 'string', nullable: true }, permission: { type: 'array', uniqueItems: true, items: { type: 'string', } }, }, required: ['session', 'permission'], } as const; @Injectable() export default class extends Endpoint { // eslint-disable-line import/no-default-export constructor( @Inject(DI.accessTokensRepository) private accessTokensRepository: AccessTokensRepository, private idService: IdService, ) { super(meta, paramDef, async (ps, me) => { // Generate access token const accessToken = secureRndstr(32); const now = new Date(); // Insert access token doc await this.accessTokensRepository.insert({ id: this.idService.genId(), createdAt: now, lastUsedAt: now, session: ps.session, userId: me.id, token: accessToken, hash: accessToken, name: ps.name, description: ps.description, iconUrl: ps.iconUrl, permission: ps.permission, }); return { token: accessToken, }; }); } }