finalised client APIs and authentication method

2025-11-13 08:12:40 +10:00 · 2024-10-09 00:37:11 +11:00
parent 425934d3ef
commit d4e2dc8cb6
10 changed files with 112 additions and 5 deletions
--- a/server/api/v1/client/auth/callback/index.get.ts
+++ b/server/api/v1/client/auth/callback/index.get.ts
@ -0,0 +1,27 @@
+import clientHandler from "~/server/internal/clients/handler";
+
+export default defineEventHandler(async (h3) => {
+  const userId = await h3.context.session.getUserId(h3);
+  if (!userId) throw createError({ statusCode: 403 });
+
+  const query = getQuery(h3);
+  const providedClientId = query.id?.toString();
+  if (!providedClientId)
+    throw createError({
+      statusCode: 400,
+      statusMessage: "Provide client ID in request params as 'id'",
+    });
+
+  const data = await clientHandler.fetchClientMetadata(
+    providedClientId
+  );
+  if (!data)
+    throw createError({
+      statusCode: 404,
+      statusMessage: "Request not found.",
+    });
+
+  await clientHandler.attachUserId(providedClientId, userId);
+
+  return data;
+});
--- a/server/api/v1/client/auth/callback/index.post.ts
+++ b/server/api/v1/client/auth/callback/index.post.ts
@ -0,0 +1,20 @@
+import clientHandler from "~/server/internal/clients/handler";
+
+export default defineEventHandler(async (h3) => {
+  const userId = await h3.context.session.getUserId(h3);
+  if (!userId) throw createError({ statusCode: 403 });
+
+  const body = await readBody(h3);
+  const clientId = await body.id;
+
+  const data = await clientHandler.fetchClientMetadata(clientId);
+  if (!data)
+    throw createError({
+      statusCode: 400,
+      statusMessage: "Invalid or expired client ID.",
+    });
+
+  const token = await clientHandler.generateAuthToken(clientId);
+
+  return `drop://handshake/${clientId}/${token}`;
+});
--- a/server/api/v1/client/auth/handshake.post.ts
+++ b/server/api/v1/client/auth/handshake.post.ts
@ -0,0 +1,45 @@
+import clientHandler from "~/server/internal/clients/handler";
+import { useGlobalCertificateAuthority } from "~/server/plugins/ca";
+
+export default defineEventHandler(async (h3) => {
+  const body = await readBody(h3);
+  const clientId = body.clientId;
+  const token = body.token;
+  if (!clientId || !token)
+    throw createError({
+      statusCode: 400,
+      statusMessage: "Missing token or client ID from body",
+    });
+
+  const metadata = await clientHandler.fetchClient(clientId);
+  if (!metadata)
+    throw createError({
+      statusCode: 403,
+      statusMessage: "Invalid client ID",
+    });
+  if (!metadata.authToken || !metadata.userId)
+    throw createError({
+      statusCode: 400,
+      statusMessage: "Un-authorized client ID",
+    });
+  if (metadata.authToken !== token)
+    throw createError({
+      statusCode: 403,
+      statusMessage: "Invalid token",
+    });
+
+  const ca = useGlobalCertificateAuthority();
+  const bundle = await ca.generateClientCertificate(
+    clientId,
+    metadata.data.name
+  );
+
+  const client = await clientHandler.finialiseClient(clientId);
+  await ca.storeClientCertificate(clientId, bundle);
+
+  return {
+    private: bundle.priv,
+    certificate: bundle.cert,
+    id: client.id,
+  };
+});
--- a/server/api/v1/client/auth/initiate.post.ts
+++ b/server/api/v1/client/auth/initiate.post.ts
@ -0,0 +1,18 @@
+import clientHandler from "~/server/internal/clients/handler";
+
+export default defineEventHandler(async (h3) => {
+  const body = await readBody(h3);
+
+  const name = body.name;
+  const platform = body.platform;
+
+  if (!name || !platform)
+    throw createError({
+      statusCode: 400,
+      statusMessage: "Missing name or platform in body",
+    });
+
+  const clientId = await clientHandler.initiate({ name, platform });
+
+  return `/client/${clientId}/callback`;
+});
--- a/server/api/v1/client/auth/session.post.ts
+++ b/server/api/v1/client/auth/session.post.ts
@ -0,0 +1,3 @@
+export default defineEventHandler((h3) => {
+    
+})