foltik
/
shimapan
espelhamento de https://github.com/Foltik/Shimapan
1
0
Fork 0
Código Issues 0 Versões 0 Wiki Atividade
A simple file sharing site with an easy to use API and online panel.
Você não pode selecionar mais de 25 tópicos Os tópicos devem começar com uma letra ou um número, podem incluir traços ('-') e podem ter até 35 caracteres.
272 Commits
2 Branches
29MB
Tag: 3c7947ada1
Branches Tags
${ item.name }
Criar branch ${ searchTerm }
de 3c7947ada1
${ noResults }
shimapan/app/routes/api/keys.js

91 linhas
2.5KB
Original Anotar Histórico 

  1. const express = require('express');

  2. const router = express.Router();

  3. const config = require('config');

  4. const crypto = require('crypto');

  5. 

  6. const ModelPath = '../../models/';

  7. const Key = require(ModelPath + 'Key.js');

  8. 

  9. const verifyBody = require('../../util/verifyBody');

  10. const authenticate = require('../../util/auth/authenticateRequest');

  11. 

  12. 

  13. 

  14. const createParams = [

  15.     {name: 'identifier', type: 'string', sanitize: true},

  16.     {name: 'scope', instance: Array}];

  17. 

  18. router.post('/create', authenticate('key.create'), verifyBody(createParams), async (req, res) => {

  19.     const keyCount = await Key.countDocuments({issuer: req.username});

  20.     if (keyCount >= config.get('Key.limit'))

  21.         return res.status(403).json({message: 'Key limit reached.'});

  22. 

  23.     // Make sure the user has all the request scope

  24.     const keyScope = req.body.scope;

  25.     if (!keyScope.every(s => req.scope.includes(s)))

  26.         return res.status(403).json({message: 'Requested scope exceeds own scope.'});

  27. 

  28.     const key = {

  29.         key: await crypto.randomBytes(32).toString('hex'),

  30.         identifier: req.body.identifier,

  31.         scope: keyScope,

  32.         issuer: req.username,

  33.         date: Date.now()

  34.     };

  35. 

  36.     await Key.create(key);

  37. 

  38.     res.status(200).json({

  39.         message: 'Key created.',

  40.         key: key.key

  41.     });

  42. });

  43. 

  44. 

  45. 

  46. const getProps = [

  47.     {name: 'identifier', type: 'string', optional: true},

  48.     {name: 'issuer', type: 'string', optional: true}];

  49. 

  50. router.get('/get', authenticate('key.get'), verifyBody(getProps), async (req, res) => {

  51.     let query = {};

  52. 

  53.     if (req.body.identifier)

  54.         query.identifier = req.body.identifier;

  55. 

  56.     if (!req.scope.includes('key.get.others'))

  57.         query.issuer = req.username;

  58.     else if (req.body.issuer)

  59.         query.issuer = req.body.issuer;

  60. 

  61.     const keys = await Key.find(query);

  62. 

  63.     res.status(200).json(keys);

  64. });

  65. 

  66. 

  67. 

  68. const deleteProps = [

  69.     {name: 'keyid', type: 'string'},

  70.     {name: 'issuer', type: 'string', optional: true}];

  71. 

  72. router.post('/delete', authenticate('key.delete'), verifyBody(deleteProps), async (req, res) => {

  73.     let query = {key : req.body.keyid};

  74. 

  75.     if (!req.scope.includes('key.delete.others'))

  76.         query.issuer = req.username;

  77.     else if (req.body.issuer)

  78.         query.issuer = req.body.issuer;

  79. 

  80.     const key = await Key.findOne(query);

  81.     if (!key)

  82.         return res.status(422).json({message: 'Key not found.'});

  83. 

  84.     await Key.deleteOne({_id: key._id});

  85.     res.status(200).json({message: 'Key deleted.'});

  86. });

  87. 

  88. 

  89. 

  90. module.exports = router;