enhance(api): アクセストークンを作成する際、createdAtをlastUsedAtを揃えるようにして、未使用かどうかを判定できるように

2020-08-04 23:09:48 +09:00 · 2020-08-04 23:09:48 +09:00 · 2bdcd22ad4
parent f73a4e1304
commit 2bdcd22ad4
2 changed files with 8 additions and 4 deletions
--- a/src/server/api/endpoints/auth/accept.ts
+++ b/src/server/api/endpoints/auth/accept.ts
@ -56,11 +56,13 @@ export default define(meta, async (ps, user) => {
 		sha256.update(accessToken + app.secret);
 		const hash = sha256.digest('hex');

+		const now = new Date();
+
 		// Insert access token doc
 		await AccessTokens.save({
 			id: genId(),
-			createdAt: new Date(),
-			lastUsedAt: new Date(),
+			createdAt: now,
+			lastUsedAt: now,
 			appId: session.appId,
 			userId: user.id,
 			token: accessToken,
--- a/src/server/api/endpoints/miauth/gen-token.ts
+++ b/src/server/api/endpoints/miauth/gen-token.ts
@ -38,11 +38,13 @@ export default define(meta, async (ps, user) => {
 	// Generate access token
 	const accessToken = secureRndstr(32, true);

+	const now = new Date();
+
 	// Insert access token doc
 	await AccessTokens.save({
 		id: genId(),
-		createdAt: new Date(),
-		lastUsedAt: new Date(),
+		createdAt: now,
+		lastUsedAt: now,
 		session: ps.session,
 		userId: user.id,
 		token: accessToken,