introduce the RADAR scope token
@@ -3,6 +3,7 @@ import {
|
||||
Get,
|
||||
HttpException,
|
||||
HttpStatus,
|
||||
Patch,
|
||||
Query,
|
||||
Redirect,
|
||||
Req,
|
||||
@@ -68,9 +69,17 @@ export class AuthController {
|
||||
return {
|
||||
vatsimId: user.vatsimId,
|
||||
fullName: user.fullName,
|
||||
radarScopeKey: user.radarScopeKey,
|
||||
administrator: user.administrator,
|
||||
airportConfigurationAccess: user.airportConfigurationAccess,
|
||||
};
|
||||
});
|
||||
}
|
||||
|
||||
@UseGuards(JwtGuard)
|
||||
@Patch('/refreshRadarScopeKey')
|
||||
async refreshRadarScopeKey(@Req() request: Request): Promise<void> {
|
||||
const token = request.headers.authorization.replace('Bearer ', '');
|
||||
return this.authService.resetRadarScopeKey(token);
|
||||
}
|
||||
}
|
||||
|
||||
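Review bot: `refreshRadarScopeKey` dereferences `request.headers.authorization` without checking that it is present, so if `JwtGuard` ever accepts a request by other means the handler fails with a TypeError and a 500 instead of a 401; the `'Bearer '` match is also case-sensitive. A guarded form would be `const header = request.headers.authorization;`, then `if (!header) throw new HttpException('Unauthorized', HttpStatus.UNAUTHORIZED);`, then `const token = header.replace(/^Bearer\s+/i, '');`. If `JwtGuard` already attaches the verified identity to the request (not visible here), passing that identity to the service would avoid parsing and verifying the token a second time. The user response earlier in this section now includes `radarScopeKey`, so it carries a long-lived credential and should not be cached or logged.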
@@ -4,6 +4,7 @@ import { ConfigService } from '@nestjs/config';
|
||||
import { JwtService } from '@nestjs/jwt';
|
||||
import { InjectModel } from '@nestjs/mongoose';
|
||||
import { Model } from 'mongoose';
|
||||
import { v4 as uuid } from 'uuid';
|
||||
import { catchError, lastValueFrom, map } from 'rxjs';
|
||||
|
||||
import { User, UserDocument } from './models/user.model';
|
||||
@@ -76,6 +77,7 @@ export class AuthService {
|
||||
this.userModel.create({
|
||||
vatsimId: userdata.cid,
|
||||
fullName,
|
||||
radarScopeKey: uuid(),
|
||||
vatsimToken: token,
|
||||
vatsimRefreshToken: refreshToken,
|
||||
});
|
||||
@@ -110,4 +112,15 @@ export class AuthService {
|
||||
return user;
|
||||
});
|
||||
}
|
||||
|
||||
async resetRadarScopeKey(token: string): Promise<void> {
|
||||
const payload = this.jwtService.verify(token, {
|
||||
secret: this.config.get<string>('server.jwt-secret'),
|
||||
});
|
||||
|
||||
await this.userModel.findOneAndUpdate(
|
||||
{ vatsimId: payload.vatsimId },
|
||||
{ radarScopeKey: uuid() },
|
||||
);
|
||||
}
|
||||
}
|
||||
|
||||
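Review bot: `resetRadarScopeKey` discards the result of `findOneAndUpdate`, so a token whose `vatsimId` matches no user resolves successfully without rotating anything; `const updated = await this.userModel.findOneAndUpdate(...)` followed by `if (!updated) throw ...`, using an error the controller maps to 401 or 404, would make that case visible. `jwtService.verify` throws on an invalid or expired token and nothing here catches it, so unless a filter elsewhere handles it the caller gets a 500, although `JwtGuard` has presumably checked the same token already. `payload` is untyped, and checking that `payload.vatsimId` is defined before using it would avoid a filter on an undefined value. The key is written in clear text both here and in the `create` call earlier in this file; if the plugins authenticate with this value alone, storing only a hash is worth considering.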
@@ -16,6 +16,13 @@ export class UserDto {
|
||||
})
|
||||
fullName: string;
|
||||
|
||||
@IsNotEmpty()
|
||||
@ApiProperty({
|
||||
description: 'The unique logon code for the radar scope plugins',
|
||||
example: 'SECRET',
|
||||
})
|
||||
radarScopeKey: string;
|
||||
|
||||
@IsNotEmpty()
|
||||
@ApiProperty({
|
||||
description: 'Indicates if the user has administrator access',
|
||||
|
||||
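Review bot: The `ApiProperty` text for `radarScopeKey` does not say that the value is a credential, and `example: 'SECRET'` does not show its format. I would describe it as `description: 'Secret logon key for the radar scope plugins (UUID v4); treat it as a credential'` and use a constructed example such as `example: '00000000-0000-4000-8000-000000000000'`. The `UserDto` class starts and ends outside the hunk.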
@@ -17,6 +17,11 @@ export class User {
|
||||
})
|
||||
fullName: string;
|
||||
|
||||
@Prop({
|
||||
type: String,
|
||||
})
|
||||
radarScopeKey: string;
|
||||
|
||||
@Prop({
|
||||
required: true,
|
||||
type: String,
|
||||
|
||||
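Review bot: The new `radarScopeKey` prop is declared with `type: String` only, so it is optional and unindexed, while `UserDto` marks the same field `@IsNotEmpty()`; users created before this commit have no key until they call the refresh endpoint. Either backfill existing documents or document the field as optional in the DTO. If the plugins look users up by this key (not visible here), `@Prop({ type: String, unique: true, sparse: true })` would give the lookup an index and reject duplicate keys. The `User` class continues outside the hunk.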