wikijs-fork/server/models/userKeys.js

75 lines
1.7 KiB
JavaScript
Raw Normal View History

2018-12-24 06:03:10 +00:00
/* global WIKI */
const _ = require('lodash')
const securityHelper = require('../helpers/security')
const Model = require('objection').Model
const moment = require('moment')
const nanoid = require('nanoid')
/**
* Users model
*/
module.exports = class UserKey extends Model {
static get tableName() { return 'userKeys' }
static get jsonSchema () {
return {
type: 'object',
required: ['kind', 'token', 'validUntil'],
properties: {
id: {type: 'integer'},
kind: {type: 'string'},
token: {type: 'string'},
createdAt: {type: 'string'},
validUntil: {type: 'string'}
}
}
}
static get relationMappings() {
return {
user: {
relation: Model.BelongsToOneRelation,
modelClass: require('./users'),
join: {
from: 'userKeys.userId',
to: 'users.id'
}
}
}
}
async $beforeInsert(context) {
await super.$beforeInsert(context)
this.createdAt = moment.utc().toISOString()
}
static async generateToken ({ userId, kind }, context) {
const token = await nanoid()
await WIKI.models.userKeys.query().insert({
kind,
token,
validUntil: moment.utc().add(1, 'days').toISOString(),
userId
})
return token
}
static async validateToken ({ kind, token }, context) {
const res = await WIKI.models.userKeys.query().findOne({ kind, token }).eager('user')
if (res) {
await WIKI.models.userKeys.query().deleteById(res.id)
if (moment.utc().isAfter(moment.utc(res.validUntil))) {
throw new WIKI.Error.AuthValidationTokenInvalid()
}
return res.user
} else {
throw new WIKI.Error.AuthValidationTokenInvalid()
}
return token
}
}