Ryan/drop
1
0
Fork 0
mirror of https://github.com/Drop-OSS/drop.git synced 2025-11-09 20:12:10 +10:00
Code Issues Packages Projects Releases Wiki Activity
Files
b33e27e44660e559841b00df1c3b23437bb4581d
drop/server/api/v1/user/token/index.post.ts
DecDuck b33e27e446 API tokens (#201) 
* fix: small fixes to request util and version update endpoint

* feat: api token creation and management

* fix: lint

* fix: remove unneeded sidebar component
2025-08-23 13:58:52 +10:00

40 lines
1.1 KiB
TypeScript
Raw Blame History

import { type } from "arktype";
import { APITokenMode } from "~/prisma/client/enums";
import { readDropValidatedBody, throwingArktype } from "~/server/arktype";
import aclManager, { userACLs } from "~/server/internal/acls";
import prisma from "~/server/internal/db/database";
const CreateToken = type({
name: "string",
acls: "string[] > 0",
expiry: "string.date.iso.parse?",
}).configure(throwingArktype);
export default defineEventHandler(async (h3) => {
const userId = await aclManager.getUserIdACL(h3, []); // No ACLs only allows session authentication
if (!userId) throw createError({ statusCode: 403 });
const body = await readDropValidatedBody(h3, CreateToken);
const invalidACLs = body.acls.filter(
(e) => userACLs.findIndex((v) => e == v) == -1,
);
if (invalidACLs.length > 0)
throw createError({
statusCode: 400,
statusMessage: `Invalid ACLs: ${invalidACLs.join(", ")}`,
});
const token = await prisma.aPIToken.create({
data: {
mode: APITokenMode.User,
name: body.name,
userId: userId,
acls: body.acls,
expiresAt: body.expiry ?? null,
},
});
return token;
});
Reference in New Issue View Git Blame Copy Permalink