2021-03-29 19:58:11 +02:00
|
|
|
import crypto from 'crypto';
|
|
|
|
import { ApiTokenStore, IApiToken, ApiTokenType } from '../db/api-token-store';
|
2021-04-22 23:40:52 +02:00
|
|
|
import { Logger } from '../logger';
|
2021-05-02 20:58:02 +02:00
|
|
|
import { ADMIN, CLIENT } from '../types/permissions';
|
2021-04-22 10:07:10 +02:00
|
|
|
import { IUnleashStores } from '../types/stores';
|
|
|
|
import { IUnleashConfig } from '../types/option';
|
2021-04-22 23:40:52 +02:00
|
|
|
import ApiUser from '../types/api-user';
|
2021-03-29 19:58:11 +02:00
|
|
|
|
|
|
|
const ONE_MINUTE = 60_000;
|
|
|
|
|
|
|
|
interface CreateTokenRequest {
|
|
|
|
username: string;
|
|
|
|
type: ApiTokenType;
|
|
|
|
expiresAt?: Date;
|
|
|
|
}
|
|
|
|
|
|
|
|
export class ApiTokenService {
|
|
|
|
private store: ApiTokenStore;
|
|
|
|
|
|
|
|
private logger: Logger;
|
|
|
|
|
|
|
|
private timer: NodeJS.Timeout;
|
|
|
|
|
|
|
|
private activeTokens: IApiToken[] = [];
|
|
|
|
|
2021-04-22 10:07:10 +02:00
|
|
|
constructor(
|
|
|
|
stores: Pick<IUnleashStores, 'apiTokenStore'>,
|
|
|
|
config: Pick<IUnleashConfig, 'getLogger'>,
|
|
|
|
) {
|
2021-03-29 19:58:11 +02:00
|
|
|
this.store = stores.apiTokenStore;
|
|
|
|
this.logger = config.getLogger('/services/api-token-service.ts');
|
|
|
|
this.fetchActiveTokens();
|
|
|
|
this.timer = setInterval(
|
|
|
|
() => this.fetchActiveTokens(),
|
|
|
|
ONE_MINUTE,
|
|
|
|
).unref();
|
|
|
|
}
|
|
|
|
|
|
|
|
private async fetchActiveTokens(): Promise<void> {
|
|
|
|
try {
|
|
|
|
this.activeTokens = await this.getAllActiveTokens();
|
|
|
|
} finally {
|
|
|
|
// eslint-disable-next-line no-unsafe-finally
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
public async getAllTokens(): Promise<IApiToken[]> {
|
|
|
|
return this.store.getAll();
|
|
|
|
}
|
|
|
|
|
|
|
|
public async getAllActiveTokens(): Promise<IApiToken[]> {
|
|
|
|
return this.store.getAllActive();
|
|
|
|
}
|
|
|
|
|
2021-04-22 23:40:52 +02:00
|
|
|
public getUserForToken(secret: string): ApiUser | undefined {
|
2021-03-29 19:58:11 +02:00
|
|
|
const token = this.activeTokens.find(t => t.secret === secret);
|
|
|
|
if (token) {
|
|
|
|
const permissions =
|
|
|
|
token.type === ApiTokenType.ADMIN ? [ADMIN] : [CLIENT];
|
|
|
|
|
2021-04-22 23:40:52 +02:00
|
|
|
return new ApiUser({
|
2021-03-29 19:58:11 +02:00
|
|
|
username: token.username,
|
|
|
|
permissions,
|
|
|
|
});
|
|
|
|
}
|
|
|
|
return undefined;
|
|
|
|
}
|
|
|
|
|
|
|
|
public async updateExpiry(
|
|
|
|
secret: string,
|
|
|
|
expiresAt: Date,
|
|
|
|
): Promise<IApiToken> {
|
|
|
|
return this.store.setExpiry(secret, expiresAt);
|
|
|
|
}
|
|
|
|
|
|
|
|
public async delete(secret: string): Promise<void> {
|
|
|
|
return this.store.delete(secret);
|
|
|
|
}
|
|
|
|
|
|
|
|
public async creteApiToken(
|
|
|
|
creteTokenRequest: CreateTokenRequest,
|
|
|
|
): Promise<IApiToken> {
|
|
|
|
const secret = this.generateSecretKey();
|
|
|
|
const createNewToken = { ...creteTokenRequest, secret };
|
|
|
|
return this.store.insert(createNewToken);
|
|
|
|
}
|
|
|
|
|
|
|
|
private generateSecretKey() {
|
|
|
|
return crypto.randomBytes(32).toString('hex');
|
|
|
|
}
|
|
|
|
|
2021-04-22 23:40:52 +02:00
|
|
|
destroy(): void {
|
2021-03-29 19:58:11 +02:00
|
|
|
clearInterval(this.timer);
|
|
|
|
this.timer = null;
|
|
|
|
}
|
|
|
|
}
|