API key WIP
This commit is contained in:
parent
1790a84430
commit
107d1f4750
|
@ -11,9 +11,7 @@ exports.seed = async db => {
|
|||
await db.table('users').insert({
|
||||
username: process.env.ADMIN_ACCOUNT,
|
||||
password: hash,
|
||||
apiKey: randomstring.generate(64),
|
||||
passwordEditedAt: now,
|
||||
apiKeyEditedAt: now,
|
||||
createdAt: now,
|
||||
editedAt: now,
|
||||
enabled: true,
|
||||
|
|
|
@ -1,7 +1,6 @@
|
|||
const Route = require('../../structures/Route');
|
||||
const log = require('../../utils/Log');
|
||||
const bcrypt = require('bcrypt');
|
||||
const randomstring = require('randomstring');
|
||||
const moment = require('moment');
|
||||
|
||||
class registerPOST extends Route {
|
||||
|
@ -48,8 +47,6 @@ class registerPOST extends Route {
|
|||
username,
|
||||
password: hash,
|
||||
passwordEditedAt: now,
|
||||
apiKey: randomstring.generate(64),
|
||||
apiKeyEditedAt: now,
|
||||
createdAt: now,
|
||||
editedAt: now,
|
||||
enabled: true,
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
const Route = require('../../structures/Route');
|
||||
const randomstring = require('randomstring');
|
||||
const moment = require('moment');
|
||||
const bcrypt = require('bcrypt');
|
||||
|
||||
class apiKeyPOST extends Route {
|
||||
constructor() {
|
||||
|
@ -10,17 +11,27 @@ class apiKeyPOST extends Route {
|
|||
async run(req, res, db, user) {
|
||||
const now = moment.utc().toDate();
|
||||
const apiKey = randomstring.generate(64);
|
||||
await db.table('users')
|
||||
.where({ id: user.id })
|
||||
.update({
|
||||
apiKey,
|
||||
apiKeyEditedAt: now
|
||||
|
||||
try {
|
||||
const hash = await bcrypt.hash(apiKey, 10);
|
||||
|
||||
await db.table('users')
|
||||
.where({ id: user.id })
|
||||
.update({
|
||||
apiKey: hash,
|
||||
apiKeyEditedAt: now
|
||||
});
|
||||
|
||||
return res.json({
|
||||
message: 'Successfully created new api key',
|
||||
apiKey
|
||||
});
|
||||
|
||||
return res.json({
|
||||
message: 'Successfully created new api key',
|
||||
apiKey
|
||||
});
|
||||
} catch (error) {
|
||||
return super.error(res, error);
|
||||
}
|
||||
|
||||
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
@ -11,8 +11,7 @@ class usersGET extends Route {
|
|||
user: {
|
||||
id: user.id,
|
||||
username: user.username,
|
||||
isAdmin: user.isAdmin,
|
||||
apiKey: user.apiKey
|
||||
isAdmin: user.isAdmin
|
||||
}
|
||||
});
|
||||
}
|
||||
|
|
|
@ -9,7 +9,6 @@ class verifyGET extends Route {
|
|||
const returnUser = {
|
||||
id: user.id,
|
||||
username: user.username,
|
||||
apiKey: user.apiKey,
|
||||
isAdmin: user.isAdmin
|
||||
};
|
||||
|
||||
|
|
|
@ -26,6 +26,7 @@ class Route {
|
|||
|
||||
authorize(req, res) {
|
||||
if (this.options.bypassAuth) return this.run(req, res, db);
|
||||
console.log(req.headers);
|
||||
if (!req.headers.authorization) return res.status(401).json({ message: 'No authorization header provided' });
|
||||
const token = req.headers.authorization.split(' ')[1];
|
||||
if (!token) return res.status(401).json({ message: 'No authorization header provided' });
|
||||
|
|
|
@ -41,12 +41,14 @@ export default {
|
|||
processCatch(error, logout) {
|
||||
if (error.response && error.response.data && error.response.data.message) {
|
||||
this.showToast(error.response.data.message, true, 5000);
|
||||
/*
|
||||
if (error.response.status === 429) return;
|
||||
if (error.response.status === 502) return;
|
||||
if (error.response.data.message === 'Token expired') {
|
||||
this.$logOut();
|
||||
setTimeout(() => this.$router.push('/'), 3000);
|
||||
}
|
||||
*/
|
||||
} else {
|
||||
console.error(error);
|
||||
this.showToast('Something went wrong, please check the console :(', true, 5000);
|
||||
|
|
|
@ -67,7 +67,8 @@
|
|||
message="This API key lets you use the service from other apps"
|
||||
horizontal>
|
||||
<b-input v-model="user.apiKey"
|
||||
expanded />
|
||||
expanded
|
||||
disabled />
|
||||
</b-field>
|
||||
|
||||
<div class="mb2 mt2 text-center">
|
||||
|
@ -130,7 +131,8 @@ export default {
|
|||
},
|
||||
promptNewAPIKey() {
|
||||
this.$dialog.confirm({
|
||||
message: 'Are you sure you want to regenerate your API key?',
|
||||
type: 'is-danger',
|
||||
message: 'Are you sure you want to regenerate your API key? If you had a previous API key generated it will stop working. Make sure to write it down as this is the only time its gonna be displayed to you.',
|
||||
onConfirm: () => this.requestNewAPIKey()
|
||||
});
|
||||
},
|
||||
|
@ -139,6 +141,7 @@ export default {
|
|||
const response = await this.axios.post(`${this.config.baseURL}/user/apikey/change`);
|
||||
this.user.apiKey = response.data.apiKey;
|
||||
this.$toast.open(response.data.message);
|
||||
this.$forceUpdate();
|
||||
} catch (error) {
|
||||
this.$onPromiseError(error);
|
||||
}
|
||||
|
|
|
@ -116,6 +116,7 @@ export default {
|
|||
this.getUserData();
|
||||
}
|
||||
*/
|
||||
document.cookie = `token=${encodeURIComponent(res.data.token)}`;
|
||||
this.redirect();
|
||||
}).catch(err => {
|
||||
this.isLoading = false;
|
||||
|
|
|
@ -53,12 +53,13 @@ export const actions = {
|
|||
if (req.headers.cookie) {
|
||||
try {
|
||||
token = cookieparser.parse(req.headers.cookie).token;
|
||||
console.log(token);
|
||||
commit('loggedIn', true);
|
||||
commit('token', token);
|
||||
|
||||
const res = await axios.get(`${process.env.DOMAIN}${process.env.ROUTE_PREFIX}/verify`);
|
||||
if (!res || !res.data.user);
|
||||
commit('user', res.data.user);
|
||||
const res = await axios.get(`${process.env.DOMAIN}${process.env.ROUTE_PREFIX}/verify`, {
|
||||
headers: { authorization: `Bearer ${token}` }
|
||||
});
|
||||
if (res && res.data.user) commit('user', res.data.user);
|
||||
} catch (error) {
|
||||
// TODO: Deactivate this on production
|
||||
console.error(error);
|
||||
|
|
Loading…
Reference in New Issue