mirror of
https://github.com/TriliumNext/Notes.git
synced 2025-08-31 19:51:36 +08:00
45 lines
1.5 KiB
TypeScript
45 lines
1.5 KiB
TypeScript
import becca from "../becca/becca.js";
|
|
import eu from "./etapi_utils.js";
|
|
import passwordEncryptionService from "../services/encryption/password_encryption.js";
|
|
import etapiTokenService from "../services/etapi_tokens.js";
|
|
import type { RequestHandler, Router } from "express";
|
|
|
|
function register(router: Router, loginMiddleware: RequestHandler[]) {
|
|
eu.NOT_AUTHENTICATED_ROUTE(router, "post", "/etapi/auth/login", loginMiddleware, (req, res, next) => {
|
|
const { password, tokenName } = req.body;
|
|
|
|
if (!passwordEncryptionService.verifyPassword(password)) {
|
|
throw new eu.EtapiError(401, "WRONG_PASSWORD", "Wrong password.");
|
|
}
|
|
|
|
const { authToken } = etapiTokenService.createToken(tokenName || "ETAPI login");
|
|
|
|
res.status(201).json({
|
|
authToken
|
|
});
|
|
});
|
|
|
|
eu.route(router, "post", "/etapi/auth/logout", (req, res, next) => {
|
|
const parsed = etapiTokenService.parseAuthToken(req.headers.authorization);
|
|
|
|
if (!parsed || !parsed.etapiTokenId) {
|
|
throw new eu.EtapiError(400, eu.GENERIC_CODE, "Cannot logout this token.");
|
|
}
|
|
|
|
const etapiToken = becca.getEtapiToken(parsed.etapiTokenId);
|
|
|
|
if (!etapiToken) {
|
|
// shouldn't happen since this already passed auth validation
|
|
throw new Error(`Cannot find the token '${parsed.etapiTokenId}'.`);
|
|
}
|
|
|
|
etapiToken.markAsDeletedSimple();
|
|
|
|
res.sendStatus(204);
|
|
});
|
|
}
|
|
|
|
export default {
|
|
register
|
|
};
|