feat: manage / create API keys (#1516)
* fix: admin api UI update * feat: admin api - create dialog UI * feat: admin api - create + list keys * feat: admin api localization (wip) * feat: admin api localization * feat: admin api - toggle state * feat: process API keys + format gql request errors to json
This commit is contained in:
71
server/models/apiKeys.js
Normal file
71
server/models/apiKeys.js
Normal file
@@ -0,0 +1,71 @@
|
||||
/* global WIKI */
|
||||
|
||||
const Model = require('objection').Model
|
||||
const moment = require('moment')
|
||||
const ms = require('ms')
|
||||
const jwt = require('jsonwebtoken')
|
||||
|
||||
/**
|
||||
* Users model
|
||||
*/
|
||||
module.exports = class ApiKey extends Model {
|
||||
static get tableName() { return 'apiKeys' }
|
||||
|
||||
static get jsonSchema () {
|
||||
return {
|
||||
type: 'object',
|
||||
required: ['name', 'key'],
|
||||
|
||||
properties: {
|
||||
id: {type: 'integer'},
|
||||
name: {type: 'string'},
|
||||
key: {type: 'string'},
|
||||
expiration: {type: 'string'},
|
||||
isRevoked: {type: 'boolean'},
|
||||
createdAt: {type: 'string'},
|
||||
validUntil: {type: 'string'}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
async $beforeUpdate(opt, context) {
|
||||
await super.$beforeUpdate(opt, context)
|
||||
|
||||
this.updatedAt = moment.utc().toISOString()
|
||||
}
|
||||
async $beforeInsert(context) {
|
||||
await super.$beforeInsert(context)
|
||||
|
||||
this.createdAt = moment.utc().toISOString()
|
||||
this.updatedAt = moment.utc().toISOString()
|
||||
}
|
||||
|
||||
static async createNewKey ({ name, expiration, fullAccess, group }) {
|
||||
const entry = await WIKI.models.apiKeys.query().insert({
|
||||
name,
|
||||
key: 'pending',
|
||||
expiration: moment.utc().add(ms(expiration), 'ms').toISOString(),
|
||||
isRevoked: true
|
||||
})
|
||||
|
||||
const key = jwt.sign({
|
||||
api: entry.id,
|
||||
grp: fullAccess ? 1 : group
|
||||
}, {
|
||||
key: WIKI.config.certs.private,
|
||||
passphrase: WIKI.config.sessionSecret
|
||||
}, {
|
||||
algorithm: 'RS256',
|
||||
expiresIn: expiration,
|
||||
audience: WIKI.config.auth.audience,
|
||||
issuer: 'urn:wiki.js'
|
||||
})
|
||||
|
||||
await WIKI.models.apiKeys.query().findById(entry.id).patch({
|
||||
key,
|
||||
isRevoked: false
|
||||
})
|
||||
|
||||
return key
|
||||
}
|
||||
}
|
@@ -26,7 +26,6 @@ module.exports = class User extends Model {
|
||||
name: {type: 'string', minLength: 1, maxLength: 255},
|
||||
providerId: {type: 'string'},
|
||||
password: {type: 'string'},
|
||||
role: {type: 'string', enum: ['admin', 'guest', 'user']},
|
||||
tfaIsActive: {type: 'boolean', default: false},
|
||||
tfaSecret: {type: 'string'},
|
||||
jobTitle: {type: 'string'},
|
||||
|
Reference in New Issue
Block a user