mirror/fosrl.pangolin
1
0
Fork 0
mirror of https://github.com/fosrl/pangolin.git synced 2025-08-31 23:10:00 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

share links

Browse source
This commit is contained in:
Milo Schwartz 2024-12-20 22:24:44 -05:00
parent 72dc02ff2e
commit 845d65ad33
No known key found for this signature in database
31 changed files with 1281 additions and 212 deletions
Download patch file Download diff file Expand all files Collapse all files

39
server/routers/accessToken/generateAccessToken.ts
View file

@ -5,7 +5,7 @@ import {
SESSION_COOKIE_EXPIRES
} from "@server/auth";
import db from "@server/db";
import { resourceAccessToken, resources } from "@server/db/schema";
import { ResourceAccessToken, resourceAccessToken, resources } from "@server/db/schema";
import HttpCode from "@server/types/HttpCode";
import response from "@server/utils/response";
import { eq } from "drizzle-orm";
@ -26,9 +26,7 @@ export const generateAccssTokenParamsSchema = z.object({
resourceId: z.string().transform(Number).pipe(z.number().int().positive())
});
export type GenerateAccessTokenResponse = {
token: string;
};
export type GenerateAccessTokenResponse = ResourceAccessToken;
export async function generateAccessToken(
req: Request,
@ -79,30 +77,37 @@ export async function generateAccessToken(
const token = generateIdFromEntropySize(25);
const tokenHash = await hash(token, {
memoryCost: 19456,
timeCost: 2,
outputLen: 32,
parallelism: 1
});
// const tokenHash = await hash(token, {
// memoryCost: 19456,
// timeCost: 2,
// outputLen: 32,
// parallelism: 1
// });
const id = generateId(15);
await db.insert(resourceAccessToken).values({
const [result] = await db.insert(resourceAccessToken).values({
accessTokenId: id,
orgId: resource.orgId,
resourceId,
tokenHash,
tokenHash: token,
expiresAt: expiresAt || null,
sessionLength: sessionLength,
title: title || `${resource.name} Token ${new Date().getTime()}`,
title: title || null,
description: description || null,
createdAt: new Date().getTime()
});
}).returning();
if (!result) {
return next(
createHttpError(
HttpCode.INTERNAL_SERVER_ERROR,
"Failed to generate access token"
)
);
}
return response<GenerateAccessTokenResponse>(res, {
data: {
token: `${id}.${token}`
},
data: result,
success: true,
error: false,
message: "Resource access token generated successfully",

31
server/routers/accessToken/listAccessTokens.ts
View file

@ -10,7 +10,7 @@ import {
import response from "@server/utils/response";
import HttpCode from "@server/types/HttpCode";
import createHttpError from "http-errors";
import { sql, eq, or, inArray, and, count } from "drizzle-orm";
import { sql, eq, or, inArray, and, count, isNull, lt, gt } from "drizzle-orm";
import logger from "@server/logger";
import stoi from "@server/utils/stoi";
@ -54,29 +54,47 @@ function queryAccessTokens(
resourceId: resourceAccessToken.resourceId,
sessionLength: resourceAccessToken.sessionLength,
expiresAt: resourceAccessToken.expiresAt,
tokenHash: resourceAccessToken.tokenHash,
title: resourceAccessToken.title,
description: resourceAccessToken.description,
createdAt: resourceAccessToken.createdAt
createdAt: resourceAccessToken.createdAt,
resourceName: resources.name
};
if (orgId) {
return db
.select(cols)
.from(resourceAccessToken)
.leftJoin(resources, eq(resourceAccessToken.resourceId, resources.resourceId))
.where(
and(
inArray(resourceAccessToken.resourceId, accessibleResourceIds),
eq(resourceAccessToken.orgId, orgId)
inArray(
resourceAccessToken.resourceId,
accessibleResourceIds
),
eq(resourceAccessToken.orgId, orgId),
or(
isNull(resourceAccessToken.expiresAt),
gt(resourceAccessToken.expiresAt, new Date().getTime())
)
)
);
} else if (resourceId) {
return db
.select(cols)
.from(resourceAccessToken)
.leftJoin(resources, eq(resourceAccessToken.resourceId, resources.resourceId))
.where(
and(
inArray(resources.resourceId, accessibleResourceIds),
eq(resources.resourceId, resourceId)
inArray(
resourceAccessToken.resourceId,
accessibleResourceIds
),
eq(resourceAccessToken.resourceId, resourceId),
or(
isNull(resourceAccessToken.expiresAt),
gt(resourceAccessToken.expiresAt, new Date().getTime())
)
)
);
}
@ -174,7 +192,6 @@ export async function listAccessTokens(
status: HttpCode.OK
});
} catch (error) {
throw error;
logger.error(error);
return next(
createHttpError(HttpCode.INTERNAL_SERVER_ERROR, "An error occurred")

14
server/routers/resource/authWithAccessToken.ts
View file

@ -98,12 +98,14 @@ export async function authWithAccessToken(
);
}
const validCode = await verify(tokenItem.tokenHash, accessToken, {
memoryCost: 19456,
timeCost: 2,
outputLen: 32,
parallelism: 1
});
// const validCode = await verify(tokenItem.tokenHash, accessToken, {
// memoryCost: 19456,
// timeCost: 2,
// outputLen: 32,
// parallelism: 1
// });
logger.debug(`${accessToken} ${tokenItem.tokenHash}`)
const validCode = accessToken === tokenItem.tokenHash;
if (!validCode) {
return next(

1
server/routers/resource/authWithPassword.ts
View file

@ -123,7 +123,6 @@ export async function authWithPassword(
const cookie = serializeResourceSessionCookie(
cookieName,
token,
resource.fullDomain
);
res.appendHeader("Set-Cookie", cookie);

1
server/routers/resource/authWithPincode.ts
View file

@ -131,7 +131,6 @@ export async function authWithPincode(
const cookie = serializeResourceSessionCookie(
cookieName,
token,
resource.fullDomain
);
res.appendHeader("Set-Cookie", cookie);

1
server/routers/site/pickSiteDefaults.ts
View file

@ -84,7 +84,6 @@ export async function pickSiteDefaults(
status: HttpCode.OK,
});
} catch (error) {
throw error;
logger.error(error);
return next(
createHttpError(HttpCode.INTERNAL_SERVER_ERROR, "An error occurred")