feat: manage / create API keys (#1516)

* fix: admin api UI update

* feat: admin api - create dialog UI

* feat: admin api - create + list keys

* feat: admin api localization (wip)

* feat: admin api localization

* feat: admin api - toggle state

* feat: process API keys + format gql request errors to json
This commit is contained in:
Nicolas Giard
2020-02-22 17:38:06 -05:00
committed by GitHub
parent f6b048f148
commit f72cf664eb
14 changed files with 712 additions and 120 deletions

71
server/models/apiKeys.js Normal file
View File

@@ -0,0 +1,71 @@
/* global WIKI */
const Model = require('objection').Model
const moment = require('moment')
const ms = require('ms')
const jwt = require('jsonwebtoken')
/**
* Users model
*/
module.exports = class ApiKey extends Model {
static get tableName() { return 'apiKeys' }
static get jsonSchema () {
return {
type: 'object',
required: ['name', 'key'],
properties: {
id: {type: 'integer'},
name: {type: 'string'},
key: {type: 'string'},
expiration: {type: 'string'},
isRevoked: {type: 'boolean'},
createdAt: {type: 'string'},
validUntil: {type: 'string'}
}
}
}
async $beforeUpdate(opt, context) {
await super.$beforeUpdate(opt, context)
this.updatedAt = moment.utc().toISOString()
}
async $beforeInsert(context) {
await super.$beforeInsert(context)
this.createdAt = moment.utc().toISOString()
this.updatedAt = moment.utc().toISOString()
}
static async createNewKey ({ name, expiration, fullAccess, group }) {
const entry = await WIKI.models.apiKeys.query().insert({
name,
key: 'pending',
expiration: moment.utc().add(ms(expiration), 'ms').toISOString(),
isRevoked: true
})
const key = jwt.sign({
api: entry.id,
grp: fullAccess ? 1 : group
}, {
key: WIKI.config.certs.private,
passphrase: WIKI.config.sessionSecret
}, {
algorithm: 'RS256',
expiresIn: expiration,
audience: WIKI.config.auth.audience,
issuer: 'urn:wiki.js'
})
await WIKI.models.apiKeys.query().findById(entry.id).patch({
key,
isRevoked: false
})
return key
}
}

View File

@@ -26,7 +26,6 @@ module.exports = class User extends Model {
name: {type: 'string', minLength: 1, maxLength: 255},
providerId: {type: 'string'},
password: {type: 'string'},
role: {type: 'string', enum: ['admin', 'guest', 'user']},
tfaIsActive: {type: 'boolean', default: false},
tfaSecret: {type: 'string'},
jobTitle: {type: 'string'},