From db71a2b7c05d4ef65996924c280eee028a9fd323 Mon Sep 17 00:00:00 2001 From: Vertmo Date: Sun, 14 Oct 2018 21:08:36 +0200 Subject: [PATCH] Added DB schema and backend logic for API keys creation and deletion --- server/controllers/session.controller.js | 2 ++ server/controllers/user.controller.js | 39 ++++++++++++++++++++++++ server/models/user.js | 15 +++++++++ server/routes/user.routes.js | 4 +++ 4 files changed, 60 insertions(+) diff --git a/server/controllers/session.controller.js b/server/controllers/session.controller.js index 211b8a46..4b4e3025 100644 --- a/server/controllers/session.controller.js +++ b/server/controllers/session.controller.js @@ -13,6 +13,7 @@ export function createSession(req, res, next) { email: req.user.email, username: req.user.username, preferences: req.user.preferences, + apiKeys: req.user.apiKeys, verified: req.user.verified, id: req.user._id }); @@ -26,6 +27,7 @@ export function getSession(req, res) { email: req.user.email, username: req.user.username, preferences: req.user.preferences, + apiKeys: req.user.apiKeys, verified: req.user.verified, id: req.user._id }); diff --git a/server/controllers/user.controller.js b/server/controllers/user.controller.js index 00f3f022..d22b19ae 100644 --- a/server/controllers/user.controller.js +++ b/server/controllers/user.controller.js @@ -352,3 +352,42 @@ export function updateSettings(req, res) { } }); } + +export function addApiKey(req, res) { + User.findById(req.user.id, (err, user) => { + if (err) { + res.status(500).json({ error: err }); + return; + } + if (!user) { + res.status(404).json({ error: 'User not found' }); + return; + } + if (!req.body.label || !req.body.hashedKey) { + res.status(400).json({ error: 'Expected field \'label\' or \'hashedKey\' was not present in request body' }); + return; + } + user.apiKeys.push(req.body); + saveUser(res, user); + }); +} + +export function removeApiKey(req, res) { + User.findById(req.user.id, (err, user) => { + if (err) { + res.status(500).json({ error: err }); + return; + } + if (!user) { + res.status(404).json({ error: 'User not found' }); + return; + } + const keyToDelete = user.apiKeys.find(key => key.id === req.params.keyId); + if (!keyToDelete) { + res.status(404).json({ error: 'Key does not exist for user' }); + return; + } + user.apiKeys.pull({ _id: req.params.keyId }); + saveUser(res, user); + }); +} diff --git a/server/models/user.js b/server/models/user.js index 5cbf12be..d15a8930 100644 --- a/server/models/user.js +++ b/server/models/user.js @@ -10,6 +10,20 @@ const EmailConfirmationStates = { const { Schema } = mongoose; +const apiKeySchema = new Schema({ + label: { type: String, default: 'API Key' }, + lastUsedAt: { type: Date, required: true, default: Date.now }, + hashedKey: { type: String, required: true }, +}, { timestamps: true, _id: true }); + +apiKeySchema.virtual('id').get(function getApiKeyId() { + return this._id.toHexString(); +}); + +apiKeySchema.set('toJSON', { + virtuals: true +}); + const userSchema = new Schema({ name: { type: String, default: '' }, username: { type: String, required: true, unique: true }, @@ -22,6 +36,7 @@ const userSchema = new Schema({ github: { type: String }, email: { type: String, unique: true }, tokens: Array, + apiKeys: { type: [apiKeySchema] }, preferences: { fontSize: { type: Number, default: 18 }, indentationAmount: { type: Number, default: 2 }, diff --git a/server/routes/user.routes.js b/server/routes/user.routes.js index 427e0705..49b09a94 100644 --- a/server/routes/user.routes.js +++ b/server/routes/user.routes.js @@ -18,6 +18,10 @@ router.post('/reset-password/:token', UserController.updatePassword); router.put('/account', isAuthenticated, UserController.updateSettings); +router.put('/account/api-keys', isAuthenticated, UserController.addApiKey); + +router.delete('/account/api-keys/:keyId', isAuthenticated, UserController.removeApiKey); + router.post('/verify/send', UserController.emailVerificationInitiate); router.get('/verify', UserController.verifyEmail);