feat: api token migration, new ACP tokens list, token creation

2025-11-17 19:21:04 +01:00 · 2023-05-02 11:11:05 -04:00
parent 7b8bffd763
commit e4888dea17
14 changed files with 233 additions and 120 deletions
--- a/src/api/users.js
+++ b/src/api/users.js
@@ -20,6 +20,8 @@ const translator = require('../translator');
 const sockets = require('../socket.io');
 const utils = require('../utils');

+const api = require('.');
+
 const usersAPI = module.exports;

 const hasAdminPrivilege = async (uid, privilege) => {
@@ -313,19 +315,7 @@ usersAPI.generateToken = async (caller, { uid, description }) => {
 		throw new Error('[[error:invalid-uid]]');
 	}

-	const settings = await meta.settings.get('core.api');
-	settings.tokens = settings.tokens || [];
-
-	const newToken = {
-		token: utils.generateUUID(),
-		uid: caller.uid,
-		description: description || '',
-		timestamp: Date.now(),
-	};
-	settings.tokens.push(newToken);
-	await meta.settings.set('core.api', settings);
-
-	return newToken;
+	return await api.utils.tokens.generate({ uid, description });
 };

 usersAPI.deleteToken = async (caller, { uid, token }) => {
@@ -334,15 +324,8 @@ usersAPI.deleteToken = async (caller, { uid, token }) => {
 		throw new Error('[[error:invalid-uid]]');
 	}

-	const settings = await meta.settings.get('core.api');
-	const beforeLen = settings.tokens.length;
-	settings.tokens = settings.tokens.filter(tokenObj => tokenObj.token !== token);
-	if (beforeLen !== settings.tokens.length) {
-		await meta.settings.set('core.api', settings);
-		return true;
-	}
-
-	return false;
+	await api.utils.tokens.delete(token);
+	return true;
 };

 const getSessionAsync = util.promisify((sid, callback) => {
--- a/src/api/utils.js
+++ b/src/api/utils.js
@@ -34,16 +34,16 @@ utils.tokens.get = async (tokens) => {
 	]);

 	tokenObjs.forEach((tokenObj, idx) => {
+		tokenObj.token = tokens[idx];
 		tokenObj.lastSeen = lastSeen[idx];
+		tokenObj.lastSeenISO = new Date(lastSeen[idx]).toISOString();
+		tokenObj.timestampISO = new Date(parseInt(tokenObj.timestamp, 10)).toISOString();
 	});

 	return singular ? tokenObjs[0] : tokenObjs;
 };

 utils.tokens.generate = async ({ uid, description }) => {
-	const token = srcUtils.generateUUID();
-	const timestamp = Date.now();
-
 	if (parseInt(uid, 10) !== 0) {
 		const uidExists = await user.exists(uid);
 		if (!uidExists) {
@@ -51,6 +51,17 @@ utils.tokens.generate = async ({ uid, description }) => {
 		}
 	}

+	const token = srcUtils.generateUUID();
+	const timestamp = Date.now();
+
+	return utils.tokens.add({ token, uid, description, timestamp });
+};
+
+utils.tokens.add = async ({ token, uid, description = '', timestamp = Date.now() }) => {
+	if (!token || uid === undefined) {
+		throw new Error('[[error:invalid-data]]');
+	}
+
 	await Promise.all([
 		db.setObject(`token:${token}`, { uid, description, timestamp }),
 		db.sortedSetAdd(`tokens:createtime`, timestamp, token),
@@ -60,8 +71,11 @@ utils.tokens.generate = async ({ uid, description }) => {
 	return token;
 };

-utils.tokens.update = async (token, { description }) => {
-	await db.setObject(`token:${token}`, { description });
+utils.tokens.update = async (token, { uid, description }) => {
+	await Promise.all([
+		db.setObject(`token:${token}`, { uid, description }),
+		db.sortedSetAdd(`tokens:uid`, uid, token),
+	]);

 	return await utils.tokens.get(token);
 };