import Users from './index'
import Models from './models'
// Page size for the paginated admin listings (passed to Users.Pagination and
// used as the query limit in getAllUsers / getAllClients).
const perPage = 6
/**
 * Convert a raw user row into the record the admin API hands out.
 *
 * Only the listed columns are copied; anything else on the row is dropped.
 * The password column is reduced to a boolean ("is a value stored?"), so the
 * stored value itself never leaves this function. The result still carries
 * `email` and the address column, so it is meant for privileged views only.
 *
 * @param {object} dbe - User row as returned by the model query.
 * @returns {object} Sanitised user record.
 */
function cleanUserObject (dbe) {
  // Flag columns are compared strictly against 1; any other value reads as false.
  const isActivated = dbe.activated === 1
  const isLocked = dbe.locked === 1

  // Strict null check: only an explicit null counts as "no password set".
  const hasPassword = dbe.password !== null

  const cleaned = {
    id: dbe.id,
    username: dbe.username,
    display_name: dbe.display_name,
    email: dbe.email,
    avatar_file: dbe.avatar_file,
    activated: isActivated,
    locked: isLocked,
    // The key is spelled "ip_addess" on the row; it is a runtime key and is kept as-is.
    ip_addess: dbe.ip_addess,
    password: hasPassword,
    nw_privilege: dbe.nw_privilege,
    created_at: dbe.created_at
  }

  return cleaned
}
/**
 * Convert a raw OAuth2 client row into the record the admin API hands out,
 * attaching a short summary (id and display name) of the owning user.
 *
 * NOTE(review): the returned object includes the client `secret` verbatim.
 * Confirm every consumer is an admin-only view and that these responses are
 * not logged or cached.
 *
 * NOTE(review): the result of Users.User.get is dereferenced without a check;
 * if it can resolve to null (for example for a removed owner), this function
 * rejects. Verify against Users.User.get.
 *
 * @param {object} dbe - OAuth2 client row as returned by the model query.
 * @returns {Promise<object>} Client record with an embedded owner summary.
 */
async function cleanClientObject (dbe) {
  const owner = await Users.User.get(dbe.user_id)

  // Only these two owner fields are exposed; the rest of the user record is not.
  const ownerSummary = {
    id: owner.id,
    display_name: owner.display_name
  }

  // Flag column compared strictly against 1; any other value reads as false.
  const isVerified = dbe.verified === 1

  return {
    id: dbe.id,
    title: dbe.title,
    description: dbe.description,
    url: dbe.url,
    redirect_url: dbe.redirect_url,
    grants: dbe.grants,
    icon: dbe.icon,
    user: ownerSummary,
    scope: dbe.scope,
    secret: dbe.secret,
    verified: isVerified,
    created_at: dbe.created_at
  }
}
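// Fields a caller may set on an OAuth2 client. Nothing else on the row (for
// example secret, grants or user_id) is ever taken from caller input.
const clientFields = ['title', 'description', 'url', 'redirect_url', 'scope']

/**
 * Copy the allow-listed client fields out of caller-supplied data.
 *
 * A fresh object is built rather than deleting keys from `data`, so the
 * caller's object is left untouched and only own properties are considered.
 * Every field except `scope` must be present and truthy.
 *
 * NOTE(review): values are copied as given; their types are not checked here.
 * Confirm the route layer only passes strings. `redirect_url` in particular is
 * stored unvalidated: confirm it is checked before it is used as an OAuth2
 * redirect target.
 *
 * @param {object} data - Caller-supplied client fields.
 * @returns {object|null} Allow-listed copy, or null when a required field is missing.
 */
function pickClientFields (data) {
  if (data === null || typeof data !== 'object') return null

  const picked = {}
  for (const field of clientFields) {
    if (Object.prototype.hasOwnProperty.call(data, field)) {
      picked[field] = data[field]
    }
  }

  const complete = clientFields.every((field) => field === 'scope' || picked[field])
  return complete ? picked : null
}

/**
 * Admin data-access helpers for users and OAuth2 clients.
 *
 * These functions perform no authorization themselves.
 * NOTE(review): confirm every route that calls them enforces an admin check.
 */
const API = {
  /**
   * List one page of users.
   *
   * @param {number|string} page - Requested page number.
   * @returns {Promise<object>} `{page, users}`, or `{error}` when there are no
   *   users or `page` is not numeric.
   */
  getAllUsers: async function (page) {
    const rows = await Models.User.query().count('id as ids')
    if (!rows.length || !rows[0].ids || Number.isNaN(Number(page))) {
      return {error: 'No users found'}
    }

    const total = Number.parseInt(rows[0].ids, 10)
    const paginated = Users.Pagination(perPage, total, page)
    const raw = await Models.User.query().offset(paginated.offset).limit(perPage)

    const users = []
    for (const entry of raw) {
      users.push(cleanUserObject(entry))
    }

    return {
      page: paginated,
      users: users
    }
  },

  /**
   * List one page of OAuth2 clients, each with its owner summary.
   *
   * @param {number|string} page - Requested page number.
   * @returns {Promise<object>} `{page, clients}`, or `{error}` when there are
   *   no clients or `page` is not numeric.
   */
  getAllClients: async function (page) {
    const rows = await Models.OAuth2Client.query().count('id as ids')
    if (!rows.length || !rows[0].ids || Number.isNaN(Number(page))) {
      return {error: 'No clients found'}
    }

    const total = Number.parseInt(rows[0].ids, 10)
    const paginated = Users.Pagination(perPage, total, page)
    const raw = await Models.OAuth2Client.query().offset(paginated.offset).limit(perPage)

    // Owner lookups are independent of each other; result order follows `raw`.
    const clients = await Promise.all(raw.map((entry) => cleanClientObject(entry)))

    return {
      page: paginated,
      clients: clients
    }
  },

  /**
   * Fetch a single OAuth2 client by id.
   *
   * @param {number|string} id - Client id.
   * @returns {Promise<object|null>} Cleaned client record, or null when the id
   *   is not numeric or matches no row.
   */
  getClient: async function (id) {
    // Same id check as the other client methods; a non-numeric id is "not found".
    if (Number.isNaN(Number(id))) return null

    const raw = await Models.OAuth2Client.query().where('id', id)
    if (!raw.length) return null

    return cleanClientObject(raw[0])
  },

  /**
   * Update the editable fields of an OAuth2 client.
   *
   * Only the allow-listed fields are written; `data` itself is not modified.
   *
   * @param {number|string} id - Client id.
   * @param {object} data - Caller-supplied fields.
   * @returns {Promise<object>} `{}` on success, otherwise `{error}`.
   */
  updateClient: async function (id, data) {
    if (Number.isNaN(Number(id))) return {error: 'Invalid client ID'}

    const patch = pickClientFields(data)
    if (!patch) return {error: 'Missing fields'}

    try {
      // A patch that matches no row resolves without a fetched row instead of
      // throwing, so the result has to be checked as well.
      const updated = await Models.OAuth2Client.query().patchAndFetchById(id, patch)
      if (!updated) return {error: 'No such client'}
    } catch (e) {
      // NOTE(review): any query failure is reported as "No such client";
      // consider logging `e` so database errors are not hidden.
      return {error: 'No such client'}
    }

    return {}
  },

  /**
   * Replace a client's secret with a newly generated one.
   *
   * NOTE(review): the secret comes from Users.Hash(16); confirm that helper
   * draws from a cryptographically secure random source.
   *
   * @param {number|string} id - Client id.
   * @returns {Promise<object>} `{}` on success, otherwise `{error}`.
   */
  newSecret: async function (id) {
    if (Number.isNaN(Number(id))) return {error: 'Invalid client ID'}
    const secret = Users.Hash(16)

    try {
      // Without this check a rotation against a missing id would report success.
      const updated = await Models.OAuth2Client.query().patchAndFetchById(id, {secret: secret})
      if (!updated) return {error: 'No such client'}
    } catch (e) {
      return {error: 'No such client'}
    }

    return {}
  },

  /**
   * Create an OAuth2 client owned by `user`.
   *
   * The secret, grant type, creation time and owner are set here; the caller
   * can only supply the allow-listed fields, so none of the server-set values
   * can be overridden through `data`. `data` itself is not modified.
   *
   * @param {object} data - Caller-supplied fields.
   * @param {object} user - Owning user; `user.id` is stored as `user_id`.
   * @returns {Promise<object>} Result of the insert query, or `{error}` when a
   *   required field is missing.
   */
  createClient: async function (data, user) {
    const fields = pickClientFields(data)
    if (!fields) return {error: 'Missing fields'}

    const obj = Object.assign({
      secret: Users.Hash(16),
      grants: 'authorization_code',
      created_at: new Date(),
      user_id: user.id
    }, fields)

    return Models.OAuth2Client.query().insert(obj)
  },

  /**
   * Delete an OAuth2 client together with its authorizations and tokens.
   *
   * NOTE(review): the four deletes run as separate statements. If one of the
   * later ones fails, the client row is already gone while authorizations or
   * tokens for it remain; consider running them in one transaction.
   *
   * @param {number|string} id - Client id.
   * @returns {Promise<boolean|object>} true on completion, or `{error}` when
   *   the id is not numeric.
   */
  removeClient: async function (id) {
    if (Number.isNaN(Number(id))) return {error: 'Invalid number'}

    await Models.OAuth2Client.query().delete().where('id', id)
    await Models.OAuth2AuthorizedClient.query().delete().where('client_id', id)
    await Models.OAuth2AccessToken.query().delete().where('client_id', id)
    await Models.OAuth2RefreshToken.query().delete().where('client_id', id)
    return true
  }
}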
// Export the admin helpers as this module's public interface.
// NOTE(review): a CommonJS export next to ES `import` statements presumably
// relies on a transpiler — confirm against the build setup.
module.exports = API