From 912a8e75093f2ead2183b9dd576198a9ed23661d Mon Sep 17 00:00:00 2001
From: Sven Czarnian
Date: Fri, 4 Nov 2022 21:33:24 +0100
Subject: [PATCH] introduce the RADAR scope token

---
 src/auth/auth.controller.ts | 9 +++++++++
 src/auth/auth.service.ts | 13 +++++++++++++
 src/auth/dto/user.dto.ts | 7 +++++++
 src/auth/models/user.model.ts | 5 +++++
 4 files changed, 34 insertions(+)

diff --git a/src/auth/auth.controller.ts b/src/auth/auth.controller.ts
index 2f1407c..3c93172 100644
--- a/src/auth/auth.controller.ts
+++ b/src/auth/auth.controller.ts
@@ -3,6 +3,7 @@ import {
 Get,
 HttpException,
 HttpStatus,
+ Patch,
 Query,
 Redirect,
 Req,
@@ -68,9 +69,17 @@ export class AuthController {
 return {
 vatsimId: user.vatsimId,
 fullName: user.fullName,
+ radarScopeKey: user.radarScopeKey,
 administrator: user.administrator,
 airportConfigurationAccess: user.airportConfigurationAccess,
 };
 });
 }
+
+ @UseGuards(JwtGuard)
+ @Patch('/refreshRadarScopeKey')
+ async refreshRadarScopeKey(@Req() request: Request): Promise {
+ const token = request.headers.authorization.replace('Bearer ', '');
+ return this.authService.resetRadarScopeKey(token);
+ }
 }
diff --git a/src/auth/auth.service.ts b/src/auth/auth.service.ts
index 7768293..e633499 100644
--- a/src/auth/auth.service.ts
+++ b/src/auth/auth.service.ts
@@ -4,6 +4,7 @@ import { ConfigService } from '@nestjs/config';
 import { JwtService } from '@nestjs/jwt';
 import { InjectModel } from '@nestjs/mongoose';
 import { Model } from 'mongoose';
+import { v4 as uuid } from 'uuid';
 import { catchError, lastValueFrom, map } from 'rxjs';

 import { User, UserDocument } from './models/user.model';
@@ -76,6 +77,7 @@ export class AuthService {
 this.userModel.create({
 vatsimId: userdata.cid,
 fullName,
+ radarScopeKey: uuid(),
 vatsimToken: token,
 vatsimRefreshToken: refreshToken,
 });
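Review bot: In `refreshRadarScopeKey` (src/auth/auth.controller.ts, second hunk) the token is recovered with `request.headers.authorization.replace('Bearer ', '')`, but that header is typed `string | undefined` and the call strips only an exact-case prefix. A header with a differently cased scheme would reach `jwtService.verify` unchanged, and the resulting exception would most likely surface as a 500 rather than a 401. JwtGuard is not visible here; if it attaches the validated payload to the request (Passport-based guards expose it as `request.user`), pass that identity to the service instead of re-parsing the header. Otherwise a tolerant parse such as `const token = request.headers.authorization?.replace(/^Bearer\s+/i, '');` followed by an explicit rejection of an empty value would close the gap. The same hunk starts returning `radarScopeKey` in the user response, so that response now carries a logon secret and should not be cached or logged.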
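Review bot: Accounts that already exist get no `radarScopeKey`, because `radarScopeKey: uuid()` is set only inside the `userModel.create` call in src/auth/auth.service.ts. The schema in src/auth/models/user.model.ts adds the field without `required` or a default, while `UserDto` declares it as a mandatory `string` with `@IsNotEmpty()`, so the controller will return `undefined` for every user created before this commit. Either backfill the collection in a migration or generate the key in the lookup path when it is missing. Since the value works as a credential, a short comment such as `// v4 UUID: 122 random bits from the platform CSPRNG, treated as a secret` would record the entropy assumption. The enclosing method starts and ends outside the hunk.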
@@ -110,4 +112,15 @@ export class AuthService {
 return user;
 });
 }
+
+ async resetRadarScopeKey(token: string): Promise {
+ const payload = this.jwtService.verify(token, {
+ secret: this.config.get('server.jwt-secret'),
+ });
+
+ await this.userModel.findOneAndUpdate(
+ { vatsimId: payload.vatsimId },
+ { radarScopeKey: uuid() },
+ );
+ }
 }
diff --git a/src/auth/dto/user.dto.ts b/src/auth/dto/user.dto.ts
index cd238e3..b0da5d6 100644
--- a/src/auth/dto/user.dto.ts
+++ b/src/auth/dto/user.dto.ts
@@ -16,6 +16,13 @@ export class UserDto {
 })
 fullName: string;

+ @IsNotEmpty()
+ @ApiProperty({
+ description: 'The unique logon code for the radar scope plugins',
+ example: 'SECRET',
+ })
+ radarScopeKey: string;
+
 @IsNotEmpty()
 @ApiProperty({
 description: 'Indicates if the user has administrator access',
diff --git a/src/auth/models/user.model.ts b/src/auth/models/user.model.ts
index 99669f8..2d707b1 100644
--- a/src/auth/models/user.model.ts
+++ b/src/auth/models/user.model.ts
@@ -17,6 +17,11 @@ export class User {
 })
 fullName: string;

+ @Prop({
+ type: String,
+ })
+ radarScopeKey: string;
+
 @Prop({
 required: true,
 type: String,
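Review bot: `resetRadarScopeKey` in src/auth/auth.service.ts discards the result of `findOneAndUpdate`, so a token whose `vatsimId` matches no document rotates nothing and still resolves successfully. The caller also never receives the new key and has to fetch the user again to learn it. Generate the key into a local first, check the update result for `null`, and return the key; the sketch below uses `UnauthorizedException`, which would need importing from `@nestjs/common`. Separately, `jwtService.verify` throws on an invalid or expired token and nothing in this method maps that to a 401, and `payload` is untyped, so `payload.vatsimId` is used without any shape check.

```typescript
async resetRadarScopeKey(token: string): Promise<string> {
  // … unchanged: jwtService.verify(token, …) producing payload …

  const radarScopeKey = uuid();
  const user = await this.userModel.findOneAndUpdate(
    { vatsimId: payload.vatsimId },
    { radarScopeKey },
  );
  if (user === null) {
    // No account behind this token: report it instead of pretending the key rotated.
    throw new UnauthorizedException();
  }
  return radarScopeKey;
}
```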
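Review bot: `radarScopeKey` is persisted in `User` (src/auth/models/user.model.ts) as a plain `String` with no `unique` or `index` option, although the DTO describes it as the logon code for the radar scope plugins. If plugins authenticate by presenting the key, the lookup should be backed by a unique index, e.g. `@Prop({ type: String, unique: true, sparse: true })`, so that two accounts can never resolve to the same key. Storing the value in clear text also means anyone with read access to the collection or a backup holds working credentials. Persisting only a digest of the key would avoid that, at the cost of showing the key once at rotation instead of in every user response. How the key is checked on logon is not visible in this patch, so this should be confirmed against the consuming code.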