mirror of
https://git.joinfirefish.org/firefish/firefish.git
synced 2024-05-04 08:31:11 +02:00
101 lines
1.9 KiB
TypeScript
101 lines
1.9 KiB
TypeScript
import define from "../../../define.js";
|
|
import { ApiError } from "../../../error.js";
|
|
import { Apps, AuthSessions, AccessTokens, Users } from "@/models/index.js";
|
|
|
|
export const meta = {
|
|
tags: ["auth"],
|
|
|
|
requireCredential: false,
|
|
|
|
res: {
|
|
type: "object",
|
|
optional: false,
|
|
nullable: false,
|
|
properties: {
|
|
accessToken: {
|
|
type: "string",
|
|
optional: false,
|
|
nullable: false,
|
|
},
|
|
|
|
user: {
|
|
type: "object",
|
|
optional: false,
|
|
nullable: false,
|
|
ref: "UserDetailedNotMe",
|
|
},
|
|
},
|
|
},
|
|
|
|
errors: {
|
|
noSuchApp: {
|
|
message: "No such app.",
|
|
code: "NO_SUCH_APP",
|
|
id: "fcab192a-2c5a-43b7-8ad8-9b7054d8d40d",
|
|
},
|
|
|
|
noSuchSession: {
|
|
message: "No such session.",
|
|
code: "NO_SUCH_SESSION",
|
|
id: "5b5a1503-8bc8-4bd0-8054-dc189e8cdcb3",
|
|
},
|
|
|
|
pendingSession: {
|
|
message: "This session is not completed yet.",
|
|
code: "PENDING_SESSION",
|
|
id: "8c8a4145-02cc-4cca-8e66-29ba60445a8e",
|
|
},
|
|
},
|
|
} as const;
|
|
|
|
export const paramDef = {
|
|
type: "object",
|
|
properties: {
|
|
appSecret: { type: "string" },
|
|
token: { type: "string" },
|
|
},
|
|
required: ["appSecret", "token"],
|
|
} as const;
|
|
|
|
|
|
export default define(meta, paramDef, async (ps) => {
|
|
// Lookup app
|
|
const app = await Apps.findOneBy({
|
|
secret: ps.appSecret,
|
|
});
|
|
|
|
if (app == null) {
|
|
throw new ApiError(meta.errors.noSuchApp);
|
|
}
|
|
|
|
// Fetch token
|
|
const session = await AuthSessions.findOneBy({
|
|
token: ps.token,
|
|
appId: app.id,
|
|
});
|
|
|
|
if (session == null) {
|
|
throw new ApiError(meta.errors.noSuchSession);
|
|
}
|
|
|
|
if (session.userId == null) {
|
|
throw new ApiError(meta.errors.pendingSession);
|
|
}
|
|
|
|
// Lookup access token
|
|
const accessToken = await AccessTokens.findOneByOrFail({
|
|
appId: app.id,
|
|
userId: session.userId,
|
|
});
|
|
|
|
// Delete session
|
|
AuthSessions.delete(session.id);
|
|
|
|
return {
|
|
accessToken: accessToken.token,
|
|
user: await Users.pack(session.userId, null, {
|
|
detail: true,
|
|
}),
|
|
};
|
|
});
|