foltik
/
shimapan
kopia lustrzana https://github.com/Foltik/Shimapan
1
0
Forkuj 0
Kod Zgłoszenia 0 Wydania 0 Wiki Aktywność
A simple file sharing site with an easy to use API and online panel.
Nie możesz wybrać więcej, niż 25 tematów Tematy muszą się zaczynać od litery lub cyfry, mogą zawierać myślniki ('-') i mogą mieć do 35 znaków.
269 Commity
2 Gałęzie
29MB
Drzewo: 00d14df372
Gałęzie Tagi
${ item.name }
Utwórz gałąź ${ searchTerm }
z '00d14df372'
${ noResults }
shimapan/app/routes/api/keys.js

80 wiersze
2.5KB
Czysty Wina Historia 

  1. const express = require('express');

  2. const router = express.Router();

  3. const config = require('config');

  4. const crypto = require('crypto');

  5. 

  6. const ModelPath = '../../models/';

  7. const Key = require(ModelPath + 'Key.js');

  8. 

  9. const verifyBody = require('../../util/verifyBody');

  10. const verifyScope = require('../../util/verifyScope');

  11. const requireAuth = require('../../util/auth').requireAuth;

  12. 

  13. const createParams = [

  14.     {name: 'identifier', type: 'string', sanitize: true},

  15.     {name: 'scope', instance: Array}];

  16. router.post('/create', requireAuth('key.create'), verifyBody(createParams), async (req, res) => {

  17.     const keyCount = await Key.countDocuments({issuer: req.username});

  18.     if (keyCount >= config.get('Key.limit'))

  19.         return res.status(403).json({message: 'Key limit reached.'});

  20. 

  21.     const scope = req.body.scope;

  22.     if (!scope.every(scope => verifyScope(req.scope, scope)))

  23.         return res.status(403).json({message: 'Requested scope exceeds own scope.'});

  24. 

  25.     const key = {

  26.         key: await crypto.randomBytes(32).toString('hex'),

  27.         identifier: req.body.identifier,

  28.         scope: scope,

  29.         issuer: req.username,

  30.         date: Date.now()

  31.     };

  32. 

  33.     await Key.create(key);

  34. 

  35.     res.status(200).json({

  36.         message: 'Key created.',

  37.         key: key.key

  38.     });

  39. });

  40. 

  41. const getProps = [

  42.     {name: 'identifier', type: 'string', optional: true},

  43.     {name: 'issuer', type: 'string', optional: true}];

  44. router.get('/get', requireAuth('key.get'), verifyBody(getProps), async (req, res) => {

  45.     let query = {};

  46. 

  47.     if (req.body.identifier)

  48.         query.identifier = req.body.identifier;

  49. 

  50.     if (!verifyScope(req.scope, 'key.get.others'))

  51.         query.issuer = req.username;

  52.     else if (req.body.issuer)

  53.         query.issuer = req.body.issuer;

  54. 

  55.     const keys = await Key.find(query);

  56. 

  57.     res.status(200).json(keys);

  58. });

  59. 

  60. const deleteProps = [

  61.     {name: 'key', type: 'string'},

  62.     {name: 'issuer', type: 'string', optional: true}];

  63. router.post('/delete', requireAuth('key.delete'), verifyBody(deleteProps), async (req, res) => {

  64.     let query = {key : req.body.key};

  65. 

  66.     if (!verifyScope(req.scope, 'key.delete.others'))

  67.         query.issuer = req.username;

  68.     else if (req.body.issuer)

  69.         query.issuer = req.body.issuer;

  70. 

  71.     const key = await Key.findOne(query);

  72.     if (!key)

  73.         return res.status(422).json({message: 'Key not found.'});

  74. 

  75.     await Key.deleteOne({_id: key._id});

  76.     res.status(200).json({message: 'Key deleted.'});

  77. });

  78. 

  79. module.exports = router;