2018-08-01 18:57:45 -04:00
|
|
|
const express = require('express');
|
|
|
|
|
const router = express.Router();
|
|
|
|
|
const config = require('config');
|
|
|
|
|
const crypto = require('crypto');
|
|
|
|
|
|
|
|
|
|
const ModelPath = '../../models/';
|
|
|
|
|
const Key = require(ModelPath + 'Key.js');
|
|
|
|
|
|
2019-01-02 14:20:10 -05:00
|
|
|
const verifyBody = require('../../util/verifyBody');
|
2019-01-02 16:47:18 -05:00
|
|
|
const authenticate = require('../../util/auth/authenticateRequest');
|
|
|
|
|
|
|
|
|
|
|
2018-08-01 18:57:45 -04:00
|
|
|
|
|
|
|
|
const createParams = [
|
|
|
|
|
{name: 'identifier', type: 'string', sanitize: true},
|
|
|
|
|
{name: 'scope', instance: Array}];
|
2019-01-02 16:47:18 -05:00
|
|
|
|
|
|
|
|
router.post('/create', authenticate('key.create'), verifyBody(createParams), async (req, res) => {
|
2018-08-13 06:13:47 -04:00
|
|
|
const keyCount = await Key.countDocuments({issuer: req.username});
|
2018-08-01 18:57:45 -04:00
|
|
|
if (keyCount >= config.get('Key.limit'))
|
|
|
|
|
return res.status(403).json({message: 'Key limit reached.'});
|
|
|
|
|
|
2019-01-02 16:47:18 -05:00
|
|
|
// Make sure the user has all the request scope
|
|
|
|
|
const keyScope = req.body.scope;
|
|
|
|
|
if (!keyScope.every(s => req.scope.includes(s)))
|
2018-08-01 18:57:45 -04:00
|
|
|
return res.status(403).json({message: 'Requested scope exceeds own scope.'});
|
|
|
|
|
|
|
|
|
|
const key = {
|
|
|
|
|
key: await crypto.randomBytes(32).toString('hex'),
|
|
|
|
|
identifier: req.body.identifier,
|
2019-01-02 16:47:18 -05:00
|
|
|
scope: keyScope,
|
2018-08-01 18:57:45 -04:00
|
|
|
issuer: req.username,
|
|
|
|
|
date: Date.now()
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
await Key.create(key);
|
|
|
|
|
|
|
|
|
|
res.status(200).json({
|
|
|
|
|
message: 'Key created.',
|
|
|
|
|
key: key.key
|
|
|
|
|
});
|
2019-01-02 14:25:51 -05:00
|
|
|
});
|
2018-08-01 18:57:45 -04:00
|
|
|
|
2019-01-02 16:47:18 -05:00
|
|
|
|
|
|
|
|
|
2018-08-01 18:57:45 -04:00
|
|
|
const getProps = [
|
|
|
|
|
{name: 'identifier', type: 'string', optional: true},
|
|
|
|
|
{name: 'issuer', type: 'string', optional: true}];
|
2019-01-02 16:47:18 -05:00
|
|
|
|
|
|
|
|
router.get('/get', authenticate('key.get'), verifyBody(getProps), async (req, res) => {
|
2018-08-01 18:57:45 -04:00
|
|
|
let query = {};
|
2017-10-18 13:31:08 -04:00
|
|
|
|
|
|
|
|
if (req.body.identifier)
|
|
|
|
|
query.identifier = req.body.identifier;
|
|
|
|
|
|
2019-01-02 16:47:18 -05:00
|
|
|
if (!req.scope.includes('key.get.others'))
|
2018-08-01 18:57:45 -04:00
|
|
|
query.issuer = req.username;
|
|
|
|
|
else if (req.body.issuer)
|
|
|
|
|
query.issuer = req.body.issuer;
|
|
|
|
|
|
|
|
|
|
const keys = await Key.find(query);
|
|
|
|
|
|
|
|
|
|
res.status(200).json(keys);
|
2019-01-02 14:25:51 -05:00
|
|
|
});
|
2018-08-01 18:57:45 -04:00
|
|
|
|
2019-01-02 16:47:18 -05:00
|
|
|
|
|
|
|
|
|
2018-08-14 08:32:42 -04:00
|
|
|
const deleteProps = [
|
2019-01-02 16:47:18 -05:00
|
|
|
{name: 'keyid', type: 'string'},
|
2018-08-14 08:32:42 -04:00
|
|
|
{name: 'issuer', type: 'string', optional: true}];
|
2018-08-01 18:57:45 -04:00
|
|
|
|
2019-01-02 16:47:18 -05:00
|
|
|
router.post('/delete', authenticate('key.delete'), verifyBody(deleteProps), async (req, res) => {
|
|
|
|
|
let query = {key : req.body.keyid};
|
|
|
|
|
|
|
|
|
|
if (!req.scope.includes('key.delete.others'))
|
2018-08-01 18:57:45 -04:00
|
|
|
query.issuer = req.username;
|
|
|
|
|
else if (req.body.issuer)
|
|
|
|
|
query.issuer = req.body.issuer;
|
|
|
|
|
|
|
|
|
|
const key = await Key.findOne(query);
|
|
|
|
|
if (!key)
|
|
|
|
|
return res.status(422).json({message: 'Key not found.'});
|
|
|
|
|
|
|
|
|
|
await Key.deleteOne({_id: key._id});
|
|
|
|
|
res.status(200).json({message: 'Key deleted.'});
|
2019-01-02 14:25:51 -05:00
|
|
|
});
|
2017-10-21 15:10:24 -04:00
|
|
|
|
2019-01-02 16:47:18 -05:00
|
|
|
|
|
|
|
|
|
2017-10-18 13:31:08 -04:00
|
|
|
module.exports = router;
|
