Mirrors/unleash.unleash
1
0
Fork 0
mirror of https://github.com/Unleash/unleash.git synced 2025-01-25 00:07:47 +01:00
Code Issues Projects Releases Wiki Activity
9bd425c193
unleash.unleash/src/lib/routes/admin-api/api-token-controller.ts

136 lines
4.1 KiB
TypeScript
Raw Normal View History

Feat: Api-Tokens (#774) fixes: #774
2021-03-29 19:58:11 +02:00
import { Response } from 'express';
import Controller from '../controller';
import {
ADMIN,
CREATE_API_TOKEN,
DELETE_API_TOKEN,
UPDATE_API_TOKEN,
} from '../../permissions';
import { ApiTokenService } from '../../services/api-token-service';
import { Logger, LogProvider } from '../../logger';
import { ApiTokenType } from '../../db/api-token-store';
import { AccessService } from '../../services/access-service';
import { IAuthRequest } from '../unleash-types';
import { isRbacEnabled } from '../../util/feature-enabled';
import User from '../../user';
feat: Add username/password authentication (#777)
2021-04-09 13:46:53 +02:00
import { IUnleashConfig } from '../../types/core';
Feat: Api-Tokens (#774) fixes: #774
2021-03-29 19:58:11 +02:00
interface IServices {
apiTokenService: ApiTokenService;
accessService: AccessService;
}
class ApiTokenController extends Controller {
private apiTokenService: ApiTokenService;
private accessService: AccessService;
private extendedPermissions: boolean;
private isRbacEnabled: boolean;
private logger: Logger;
feat: Add username/password authentication (#777)
2021-04-09 13:46:53 +02:00
constructor(config: IUnleashConfig, services: IServices) {
Feat: Api-Tokens (#774) fixes: #774
2021-03-29 19:58:11 +02:00
super(config);
this.apiTokenService = services.apiTokenService;
this.accessService = services.accessService;
this.extendedPermissions = config.extendedPermissions;
this.isRbacEnabled = isRbacEnabled(config);
this.logger = config.getLogger('api-token-controller.js');
this.get('/', this.getAllApiTokens);
this.post('/', this.createApiToken, CREATE_API_TOKEN);
this.put('/:token', this.updateApiToken, UPDATE_API_TOKEN);
this.delete('/:token', this.deleteApiToken, DELETE_API_TOKEN);
}
private isTokenAdmin(user: User) {
if (this.isRbacEnabled) {
return this.accessService.hasPermission(user, UPDATE_API_TOKEN);
}
if (this.extendedPermissions) {
return user.permissions.some(
t => t === UPDATE_API_TOKEN || t === ADMIN,
);
}
return true;
}
async getAllApiTokens(req: IAuthRequest, res: Response): Promise<void> {
const { user } = req;
const isAdmin = this.isTokenAdmin(user);
const tokens = await this.apiTokenService.getAllTokens();
if (isAdmin) {
res.json({ tokens });
} else {
const filteredTokens = tokens.filter(
t => !(t.type === ApiTokenType.ADMIN),
);
res.json({ tokens: filteredTokens });
}
}
async createApiToken(req: IAuthRequest, res: Response): Promise<any> {
const { username, type, expiresAt } = req.body;
if (!username || !type) {
this.logger.error(req.body);
return res.status(400).send();
}
const tokenType =
type.toLowerCase() === 'admin'
? ApiTokenType.ADMIN
: ApiTokenType.CLIENT;
try {
const token = await this.apiTokenService.creteApiToken({
type: tokenType,
username,
expiresAt,
});
return res.status(201).json(token);
} catch (error) {
this.logger.error('error creating api-token', error);
return res.status(500);
}
}
async deleteApiToken(req: IAuthRequest, res: Response): Promise<void> {
const { token } = req.params;
try {
await this.apiTokenService.delete(token);
res.status(200).end();
} catch (error) {
this.logger.error('error creating api-token', error);
res.status(500);
}
}
async updateApiToken(req: IAuthRequest, res: Response): Promise<any> {
const { token } = req.params;
const { expiresAt } = req.body;
if (!expiresAt) {
this.logger.error(req.body);
return res.status(400).send();
}
try {
await this.apiTokenService.updateExpiry(token, expiresAt);
return res.status(200).end();
} catch (error) {
this.logger.error('error creating api-token', error);
return res.status(500);
}
}
}
module.exports = ApiTokenController;
export default ApiTokenController;
Reference in New Issue Copy Permalink