Add API tokens support (#9)
All checks were successful
continuous-integration/drone/push Build is passing
All checks were successful
continuous-integration/drone/push Build is passing
Make it possible to create token authorized to query predetermined set of routes. Reviewed-on: #9 Co-authored-by: Pierre HUBERT <pierre.git@communiquons.org> Co-committed-by: Pierre HUBERT <pierre.git@communiquons.org>
This commit is contained in:
@@ -27,6 +27,9 @@ export interface ServerConstraints {
|
||||
nwfilter_comment_size: LenConstraint;
|
||||
nwfilter_priority: LenConstraint;
|
||||
nwfilter_selectors_count: LenConstraint;
|
||||
api_token_name_size: LenConstraint;
|
||||
api_token_description_size: LenConstraint;
|
||||
api_token_right_path_size: LenConstraint;
|
||||
}
|
||||
|
||||
export interface LenConstraint {
|
||||
|
||||
102
virtweb_frontend/src/api/TokensApi.ts
Normal file
102
virtweb_frontend/src/api/TokensApi.ts
Normal file
@@ -0,0 +1,102 @@
|
||||
import { time } from "../utils/DateUtils";
|
||||
import { APIClient } from "./ApiClient";
|
||||
|
||||
export type RightVerb = "POST" | "GET" | "PUT" | "DELETE" | "PATCH";
|
||||
|
||||
export interface TokenRight {
|
||||
verb: RightVerb;
|
||||
path: string;
|
||||
}
|
||||
|
||||
export interface APIToken {
|
||||
id: string;
|
||||
name: string;
|
||||
description: string;
|
||||
created: number;
|
||||
updated: number;
|
||||
rights: TokenRight[];
|
||||
last_used: number;
|
||||
ip_restriction?: string;
|
||||
max_inactivity?: number;
|
||||
}
|
||||
|
||||
export function APITokenURL(t: APIToken, edit: boolean = false): string {
|
||||
return `/token/${t.id}${edit ? "/edit" : ""}`;
|
||||
}
|
||||
|
||||
export function ExpiredAPIToken(t: APIToken): boolean {
|
||||
if (!t.max_inactivity) return false;
|
||||
return t.last_used + t.max_inactivity < time();
|
||||
}
|
||||
|
||||
export interface APITokenPrivateKey {
|
||||
alg: string;
|
||||
priv: string;
|
||||
}
|
||||
|
||||
export interface CreatedAPIToken {
|
||||
token: APIToken;
|
||||
priv_key: APITokenPrivateKey;
|
||||
}
|
||||
|
||||
export class TokensApi {
|
||||
/**
|
||||
* Create a new API token
|
||||
*/
|
||||
static async Create(n: APIToken): Promise<CreatedAPIToken> {
|
||||
return (
|
||||
await APIClient.exec({
|
||||
method: "POST",
|
||||
uri: "/token/create",
|
||||
jsonData: n,
|
||||
})
|
||||
).data;
|
||||
}
|
||||
|
||||
/**
|
||||
* Get the full list of tokens
|
||||
*/
|
||||
static async GetList(): Promise<APIToken[]> {
|
||||
return (
|
||||
await APIClient.exec({
|
||||
method: "GET",
|
||||
uri: "/token/list",
|
||||
})
|
||||
).data;
|
||||
}
|
||||
|
||||
/**
|
||||
* Get the information about a single token
|
||||
*/
|
||||
static async GetSingle(uuid: string): Promise<APIToken> {
|
||||
return (
|
||||
await APIClient.exec({
|
||||
method: "GET",
|
||||
uri: `/token/${uuid}`,
|
||||
})
|
||||
).data;
|
||||
}
|
||||
|
||||
/**
|
||||
* Update an existing API token information
|
||||
*/
|
||||
static async Update(n: APIToken): Promise<void> {
|
||||
return (
|
||||
await APIClient.exec({
|
||||
method: "PATCH",
|
||||
uri: `/token/${n.id}`,
|
||||
jsonData: n,
|
||||
})
|
||||
).data;
|
||||
}
|
||||
|
||||
/**
|
||||
* Delete an API token
|
||||
*/
|
||||
static async Delete(n: APIToken): Promise<void> {
|
||||
await APIClient.exec({
|
||||
method: "DELETE",
|
||||
uri: `/token/${n.id}`,
|
||||
});
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user