Ryan/drop
1
0
Fork 0
mirror of https://github.com/Drop-OSS/drop.git synced 2025-11-14 00:31:25 +10:00
Code Issues Packages Projects Releases Wiki Activity

feat: allow client-based web tokens

Browse Source
This commit is contained in:
DecDuck
2025-04-08 16:16:40 +10:00
parent 043ef6dcd2
commit 42349ad4e1
8 changed files with 59 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

31
server/api/v1/client/user/webtoken.post.ts Normal file
View File

@ -0,0 +1,31 @@
import { APITokenMode } from "@prisma/client";
import { DateTime } from "luxon";
import { UserACL } from "~/server/internal/acls";
import { defineClientEventHandler } from "~/server/internal/clients/event-handler";
import prisma from "~/server/internal/db/database";
export default defineClientEventHandler(
async (h3, { fetchUser, fetchClient, clientId }) => {
const user = await fetchUser();
const client = await fetchClient();
const acls: UserACL = [
"read",
"store:read",
"collections:read",
"object:read",
];
const token = await prisma.aPIToken.create({
data: {
name: `${client.name} Web Access Token ${DateTime.now().toISO()}`,
clientId,
userId: user.id,
mode: APITokenMode.Client,
acls,
},
});
return token.token;
}
);

2
server/api/v1/collection/index.get.ts
View File

@ -2,7 +2,7 @@ import aclManager from "~/server/internal/acls";
import userLibraryManager from "~/server/internal/userlibrary";
export default defineEventHandler(async (h3) => {
const userId = await aclManager.getUserIdACL(h3, ["collections:new"]);
const userId = await aclManager.getUserIdACL(h3, ["collections:read"]);
if (!userId)
throw createError({
statusCode: 403,