yume/paricafe
1
0
Fork 0
mirror of https://github.com/paricafe/misskey.git synced 2025-01-11 02:00:50 -06:00
Code Issues Projects Releases Packages Wiki Activity
paricafe/packages/backend/src/server/api/endpoints/auth/accept.ts
syuilo b75184ec8e
なんかもうめっちゃ変えた
2022-09-18 03:27:08 +09:00

96 lines
2.3 KiB
TypeScript
Raw Blame History

import * as crypto from 'node:crypto';
import { Inject, Injectable } from '@nestjs/common';
import { Endpoint } from '@/server/api/endpoint-base.js';
import { AuthSessionsRepository, AppsRepository, AccessTokensRepository } from '@/models/index.js';
import { IdService } from '@/core/IdService.js';
import { secureRndstr } from '@/misc/secure-rndstr.js';
import { DI } from '@/di-symbols.js';
import { ApiError } from '../../error.js';
export const meta = {
tags: ['auth'],
requireCredential: true,
secure: true,
errors: {
noSuchSession: {
message: 'No such session.',
code: 'NO_SUCH_SESSION',
id: '9c72d8de-391a-43c1-9d06-08d29efde8df',
},
},
} as const;
export const paramDef = {
type: 'object',
properties: {
token: { type: 'string' },
},
required: ['token'],
} as const;
// eslint-disable-next-line import/no-default-export
@Injectable()
export default class extends Endpoint<typeof meta, typeof paramDef> {
constructor(
@Inject(DI.appsRepository)
private appsRepository: AppsRepository,
@Inject(DI.authSessionsRepository)
private authSessionsRepository: AuthSessionsRepository,
@Inject(DI.accessTokensRepository)
private accessTokensRepository: AccessTokensRepository,
private idService: IdService,
) {
super(meta, paramDef, async (ps, me) => {
// Fetch token
const session = await this.authSessionsRepository
.findOneBy({ token: ps.token });
if (session == null) {
throw new ApiError(meta.errors.noSuchSession);
}
// Generate access token
const accessToken = secureRndstr(32, true);
// Fetch exist access token
const exist = await this.accessTokensRepository.findOneBy({
appId: session.appId,
userId: me.id,
});
if (exist == null) {
// Lookup app
const app = await this.appsRepository.findOneByOrFail({ id: session.appId });
// Generate Hash
const sha256 = crypto.createHash('sha256');
sha256.update(accessToken + app.secret);
const hash = sha256.digest('hex');
const now = new Date();
// Insert access token doc
await this.accessTokensRepository.insert({
id: this.idService.genId(),
createdAt: now,
lastUsedAt: now,
appId: session.appId,
userId: me.id,
token: accessToken,
hash: hash,
});
}
// Update session
await this.authSessionsRepository.update(session.id, {
userId: me.id,
});
});
}
}
Reference in a new issue View git blame Copy permalink