Added DB schema and backend logic for API keys creation and deletion

2018-10-14 21:08:36 +02:00 · 2018-10-14 21:08:36 +02:00 · db71a2b7c0
commit db71a2b7c0
parent 3d2a862d9d
4 changed files with 60 additions and 0 deletions
--- a/server/controllers/session.controller.js
+++ b/server/controllers/session.controller.js
@ -13,6 +13,7 @@ export function createSession(req, res, next) {
        email: req.user.email,
        username: req.user.username,
        preferences: req.user.preferences,
        apiKeys: req.user.apiKeys,
        verified: req.user.verified,
        id: req.user._id
      });
@ -26,6 +27,7 @@ export function getSession(req, res) {
      email: req.user.email,
      username: req.user.username,
      preferences: req.user.preferences,
      apiKeys: req.user.apiKeys,
      verified: req.user.verified,
      id: req.user._id
    });
--- a/server/controllers/user.controller.js
+++ b/server/controllers/user.controller.js
@ -352,3 +352,42 @@ export function updateSettings(req, res) {
    }
  });
 }
 export function addApiKey(req, res) {
  User.findById(req.user.id, (err, user) => {
    if (err) {
      res.status(500).json({ error: err });
      return;
    }
    if (!user) {
      res.status(404).json({ error: 'User not found' });
      return;
    }
    if (!req.body.label || !req.body.hashedKey) {
      res.status(400).json({ error: 'Expected field \'label\' or \'hashedKey\' was not present in request body' });
      return;
    }
    user.apiKeys.push(req.body);
    saveUser(res, user);
  });
 }
 export function removeApiKey(req, res) {
  User.findById(req.user.id, (err, user) => {
    if (err) {
      res.status(500).json({ error: err });
      return;
    }
    if (!user) {
      res.status(404).json({ error: 'User not found' });
      return;
    }
    const keyToDelete = user.apiKeys.find(key => key.id === req.params.keyId);
    if (!keyToDelete) {
      res.status(404).json({ error: 'Key does not exist for user' });
      return;
    }
    user.apiKeys.pull({ _id: req.params.keyId });
    saveUser(res, user);
  });
 }
--- a/server/models/user.js
+++ b/server/models/user.js
@ -10,6 +10,20 @@ const EmailConfirmationStates = {
 const { Schema } = mongoose;
 const apiKeySchema = new Schema({
  label: { type: String, default: 'API Key' },
  lastUsedAt: { type: Date, required: true, default: Date.now },
  hashedKey: { type: String, required: true },
 }, { timestamps: true, _id: true });
 apiKeySchema.virtual('id').get(function getApiKeyId() {
  return this._id.toHexString();
 });
 apiKeySchema.set('toJSON', {
  virtuals: true
 });
 const userSchema = new Schema({
  name: { type: String, default: '' },
  username: { type: String, required: true, unique: true },
@ -22,6 +36,7 @@ const userSchema = new Schema({
  github: { type: String },
  email: { type: String, unique: true },
  tokens: Array,
  apiKeys: { type: [apiKeySchema] },
  preferences: {
    fontSize: { type: Number, default: 18 },
    indentationAmount: { type: Number, default: 2 },
--- a/server/routes/user.routes.js
+++ b/server/routes/user.routes.js
@ -18,6 +18,10 @@ router.post('/reset-password/:token', UserController.updatePassword);
 router.put('/account', isAuthenticated, UserController.updateSettings);
 router.put('/account/api-keys', isAuthenticated, UserController.addApiKey);
 router.delete('/account/api-keys/:keyId', isAuthenticated, UserController.removeApiKey);
 router.post('/verify/send', UserController.emailVerificationInitiate);
 router.get('/verify', UserController.verifyEmail);