From 2c6717e1ee12353de4193dd50ba076b8bcb27e89 Mon Sep 17 00:00:00 2001 From: Erik Michelson Date: Fri, 13 Sep 2024 17:09:01 +0200 Subject: [PATCH] refactor(api-token): drop passport, rename to ApiToken We don't need a library that requires as much boilerplate code as writing the AuthGuard ourselves, especially since the token validation was already custom code by us. The previous name PublicAuthToken was a bit misleading, since PublicAuth could also be interpreted as being used for the public frontend in contrast to the API. The old name before that (AuthToken) wasn't better since it wasn't clear what type of auth is meant. I know, this is the second renaming of the same module in less than a month. However, I would say the name ApiToken seems rather reasonable and understandable. Signed-off-by: Erik Michelson --- backend/package.json | 7 - .../api-token.dto.ts} | 6 +- .../api-token.entity.ts} | 8 +- backend/src/api-token/api-token.guard.ts | 47 ++++ backend/src/api-token/api-token.module.ts | 21 ++ .../api-token.service.spec.ts} | 209 +++++++++--------- .../api-token.service.ts} | 68 +++--- .../mock-api-token.guard.ts} | 2 +- backend/src/api/private/private-api.module.ts | 8 +- ...Controller.ts => api-tokens.controller.ts} | 26 +-- .../src/api/public/alias/alias.controller.ts | 4 +- backend/src/api/public/me/me.controller.ts | 4 +- .../src/api/public/media/media.controller.ts | 4 +- .../monitoring/monitoring.controller.ts | 4 +- .../src/api/public/notes/notes.controller.ts | 4 +- backend/src/api/public/public-api.module.ts | 2 + backend/src/app.module.ts | 4 +- backend/src/history/history.service.spec.ts | 4 +- backend/src/media/media.service.spec.ts | 4 +- ...-init.ts => mariadb-1726271650566-init.ts} | 83 +++---- ...init.ts => postgres-1726271794336-init.ts} | 81 +++---- ...2-init.ts => sqlite-1726271503150-init.ts} | 129 +++++------ backend/src/notes/alias.service.spec.ts | 4 +- backend/src/notes/notes.service.spec.ts | 4 +- .../permissions/permissions.service.spec.ts | 4 +- .../public-auth-token.module.ts | 35 --- .../public-auth-token.strategy.ts | 39 ---- .../websocket/websocket.gateway.spec.ts | 4 +- .../src/revisions/revisions.service.spec.ts | 4 +- backend/src/seed.ts | 4 +- backend/src/users/user.entity.ts | 8 +- backend/test/test-setup.ts | 24 +- yarn.lock | 179 +-------------- 33 files changed, 424 insertions(+), 614 deletions(-) rename backend/src/{public-auth-token/public-auth-token.dto.ts => api-token/api-token.dto.ts} (80%) rename backend/src/{public-auth-token/public-auth-token.entity.ts => api-token/api-token.entity.ts} (85%) create mode 100644 backend/src/api-token/api-token.guard.ts create mode 100644 backend/src/api-token/api-token.module.ts rename backend/src/{public-auth-token/public-auth-token.service.spec.ts => api-token/api-token.service.spec.ts} (62%) rename backend/src/{public-auth-token/public-auth-token.service.ts => api-token/api-token.service.ts} (76%) rename backend/src/{public-auth-token/mock-public-auth-token-guard.service.ts => api-token/mock-api-token.guard.ts} (96%) rename backend/src/api/private/tokens/{publicAuthTokensController.ts => api-tokens.controller.ts} (73%) rename backend/src/migrations/{mariadb-1726084491570-init.ts => mariadb-1726271650566-init.ts} (93%) rename backend/src/migrations/{postgres-1726084117959-init.ts => postgres-1726271794336-init.ts} (94%) rename backend/src/migrations/{sqlite-1726084595852-init.ts => sqlite-1726271503150-init.ts} (93%) delete mode 100644 backend/src/public-auth-token/public-auth-token.module.ts delete mode 100644 backend/src/public-auth-token/public-auth-token.strategy.ts diff --git a/backend/package.json b/backend/package.json index 1904ea38d..a94854385 100644 --- a/backend/package.json +++ b/backend/package.json @@ -32,7 +32,6 @@ "@nestjs/config": "3.2.3", "@nestjs/core": "10.4.1", "@nestjs/event-emitter": "2.0.4", - "@nestjs/passport": "10.0.3", "@nestjs/platform-express": "10.4.1", "@nestjs/platform-ws": "10.4.1", "@nestjs/schedule": "4.1.0", @@ -40,7 +39,6 @@ "@nestjs/typeorm": "10.0.2", "@nestjs/websockets": "10.4.1", "@node-rs/argon2": "1.8.3", - "@types/passport-http-bearer": "1.0.41", "@zxcvbn-ts/core": "3.0.4", "@zxcvbn-ts/language-common": "3.0.4", "@zxcvbn-ts/language-en": "3.0.2", @@ -61,10 +59,6 @@ "mysql": "2.18.1", "node-fetch": "2.7.0", "openid-client": "5.6.5", - "passport": "0.7.0", - "passport-custom": "1.1.1", - "passport-http-bearer": "1.0.1", - "passport-local": "1.0.0", "pg": "8.12.0", "raw-body": "3.0.0", "reflect-metadata": "0.2.2", @@ -94,7 +88,6 @@ "@types/mysql": "2.15.25", "@types/node": "20.16.2", "@types/node-fetch": "2.6.11", - "@types/passport-local": "1.0.38", "@types/pg": "8.11.0", "@types/source-map-support": "0.5.10", "@types/supertest": "2.0.16", diff --git a/backend/src/public-auth-token/public-auth-token.dto.ts b/backend/src/api-token/api-token.dto.ts similarity index 80% rename from backend/src/public-auth-token/public-auth-token.dto.ts rename to backend/src/api-token/api-token.dto.ts index c55b64bb6..64189fad8 100644 --- a/backend/src/public-auth-token/public-auth-token.dto.ts +++ b/backend/src/api-token/api-token.dto.ts @@ -9,7 +9,7 @@ import { IsDate, IsNumber, IsOptional, IsString } from 'class-validator'; import { BaseDto } from '../utils/base.dto.'; import { TimestampMillis } from '../utils/timestamp'; -export class PublicAuthTokenDto extends BaseDto { +export class ApiTokenDto extends BaseDto { @IsString() label: string; @@ -30,12 +30,12 @@ export class PublicAuthTokenDto extends BaseDto { lastUsedAt: Date | null; } -export class PublicAuthTokenWithSecretDto extends PublicAuthTokenDto { +export class ApiTokenWithSecretDto extends ApiTokenDto { @IsString() secret: string; } -export class PublicAuthTokenCreateDto extends BaseDto { +export class ApiTokenCreateDto extends BaseDto { @IsString() label: string; diff --git a/backend/src/public-auth-token/public-auth-token.entity.ts b/backend/src/api-token/api-token.entity.ts similarity index 85% rename from backend/src/public-auth-token/public-auth-token.entity.ts rename to backend/src/api-token/api-token.entity.ts index 5c662646e..adf56dfd1 100644 --- a/backend/src/public-auth-token/public-auth-token.entity.ts +++ b/backend/src/api-token/api-token.entity.ts @@ -14,14 +14,14 @@ import { import { User } from '../users/user.entity'; @Entity() -export class PublicAuthToken { +export class ApiToken { @PrimaryGeneratedColumn() id: number; @Column({ unique: true }) keyId: string; - @ManyToOne((_) => User, (user) => user.publicAuthTokens, { + @ManyToOne((_) => User, (user) => user.apiTokens, { onDelete: 'CASCADE', // This deletes the PublicAuthToken, when the associated User is deleted }) user: Promise; @@ -50,8 +50,8 @@ export class PublicAuthToken { label: string, tokenString: string, validUntil: Date, - ): Omit { - const token = new PublicAuthToken(); + ): Omit { + const token = new ApiToken(); token.keyId = keyId; token.user = Promise.resolve(user); token.label = label; diff --git a/backend/src/api-token/api-token.guard.ts b/backend/src/api-token/api-token.guard.ts new file mode 100644 index 000000000..ebcf89d4c --- /dev/null +++ b/backend/src/api-token/api-token.guard.ts @@ -0,0 +1,47 @@ +/* + * SPDX-FileCopyrightText: 2024 The HedgeDoc developers (see AUTHORS file) + * + * SPDX-License-Identifier: AGPL-3.0-only + */ +import { CanActivate, ExecutionContext, Injectable } from '@nestjs/common'; + +import { CompleteRequest } from '../api/utils/request.type'; +import { NotInDBError, TokenNotValidError } from '../errors/errors'; +import { ConsoleLoggerService } from '../logger/console-logger.service'; +import { ApiTokenService } from './api-token.service'; + +@Injectable() +export class ApiTokenGuard implements CanActivate { + constructor( + private readonly logger: ConsoleLoggerService, + private readonly apiTokenService: ApiTokenService, + ) { + this.logger.setContext(ApiTokenGuard.name); + } + + async canActivate(context: ExecutionContext): Promise { + const request: CompleteRequest = context.switchToHttp().getRequest(); + const authHeader = request.headers.authorization; + if (!authHeader) { + return false; + } + const [method, token] = authHeader.trim().split(' '); + if (method !== 'Bearer') { + return false; + } + try { + request.user = await this.apiTokenService.validateToken(token.trim()); + return true; + } catch (error) { + if ( + !(error instanceof TokenNotValidError || error instanceof NotInDBError) + ) { + this.logger.error( + `Error during API token validation: ${String(error)}`, + 'canActivate', + ); + } + return false; + } + } +} diff --git a/backend/src/api-token/api-token.module.ts b/backend/src/api-token/api-token.module.ts new file mode 100644 index 000000000..3a84a904c --- /dev/null +++ b/backend/src/api-token/api-token.module.ts @@ -0,0 +1,21 @@ +/* + * SPDX-FileCopyrightText: 2021 The HedgeDoc developers (see AUTHORS file) + * + * SPDX-License-Identifier: AGPL-3.0-only + */ +import { Module } from '@nestjs/common'; +import { TypeOrmModule } from '@nestjs/typeorm'; + +import { LoggerModule } from '../logger/logger.module'; +import { UsersModule } from '../users/users.module'; +import { ApiToken } from './api-token.entity'; +import { ApiTokenGuard } from './api-token.guard'; +import { ApiTokenService } from './api-token.service'; +import { MockApiTokenGuard } from './mock-api-token.guard'; + +@Module({ + imports: [UsersModule, LoggerModule, TypeOrmModule.forFeature([ApiToken])], + providers: [ApiTokenService, ApiTokenGuard, MockApiTokenGuard], + exports: [ApiTokenService, ApiTokenGuard], +}) +export class ApiTokenModule {} diff --git a/backend/src/public-auth-token/public-auth-token.service.spec.ts b/backend/src/api-token/api-token.service.spec.ts similarity index 62% rename from backend/src/public-auth-token/public-auth-token.service.spec.ts rename to backend/src/api-token/api-token.service.spec.ts index ae7de73ba..d063e5736 100644 --- a/backend/src/public-auth-token/public-auth-token.service.spec.ts +++ b/backend/src/api-token/api-token.service.spec.ts @@ -3,8 +3,8 @@ * * SPDX-License-Identifier: AGPL-3.0-only */ +import { DeepPartial } from '@hedgedoc/commons'; import { ConfigModule } from '@nestjs/config'; -import { PassportModule } from '@nestjs/passport'; import { Test, TestingModule } from '@nestjs/testing'; import { getRepositoryToken } from '@nestjs/typeorm'; import crypto from 'crypto'; @@ -22,23 +22,23 @@ import { LoggerModule } from '../logger/logger.module'; import { Session } from '../sessions/session.entity'; import { User } from '../users/user.entity'; import { UsersModule } from '../users/users.module'; -import { PublicAuthToken } from './public-auth-token.entity'; -import { PublicAuthTokenService } from './public-auth-token.service'; +import { ApiToken } from './api-token.entity'; +import { ApiTokenService } from './api-token.service'; -describe('AuthService', () => { - let service: PublicAuthTokenService; +describe('ApiTokenService', () => { + let service: ApiTokenService; let user: User; - let authToken: PublicAuthToken; + let apiToken: ApiToken; let userRepo: Repository; - let authTokenRepo: Repository; + let apiTokenRepo: Repository; class CreateQueryBuilderClass { leftJoinAndSelect: () => CreateQueryBuilderClass; where: () => CreateQueryBuilderClass; orWhere: () => CreateQueryBuilderClass; setParameter: () => CreateQueryBuilderClass; - getOne: () => PublicAuthToken; - getMany: () => PublicAuthToken[]; + getOne: () => ApiToken; + getMany: () => ApiToken[]; } let createQueryBuilderFunc: CreateQueryBuilderClass; @@ -46,9 +46,9 @@ describe('AuthService', () => { beforeEach(async () => { const module: TestingModule = await Test.createTestingModule({ providers: [ - PublicAuthTokenService, + ApiTokenService, { - provide: getRepositoryToken(PublicAuthToken), + provide: getRepositoryToken(ApiToken), useClass: Repository, }, ], @@ -57,7 +57,6 @@ describe('AuthService', () => { isGlobal: true, load: [appConfigMock, authConfigMock], }), - PassportModule, UsersModule, LoggerModule, ], @@ -70,83 +69,77 @@ describe('AuthService', () => { .useValue({}) .compile(); - service = module.get(PublicAuthTokenService); + service = module.get(ApiTokenService); userRepo = module.get>(getRepositoryToken(User)); - authTokenRepo = module.get>( - getRepositoryToken(PublicAuthToken), + apiTokenRepo = module.get>( + getRepositoryToken(ApiToken), ); user = User.create('hardcoded', 'Testy') as User; - authToken = PublicAuthToken.create( + apiToken = ApiToken.create( 'testKeyId', user, 'testToken', 'abc', new Date(new Date().getTime() + 60000), // make this AuthToken valid for 1min - ) as PublicAuthToken; + ) as ApiToken; const createQueryBuilder = { leftJoinAndSelect: () => createQueryBuilder, where: () => createQueryBuilder, orWhere: () => createQueryBuilder, setParameter: () => createQueryBuilder, - getOne: () => authToken, - getMany: () => [authToken], + getOne: () => apiToken, + getMany: () => [apiToken], }; createQueryBuilderFunc = createQueryBuilder; jest - .spyOn(authTokenRepo, 'createQueryBuilder') + .spyOn(apiTokenRepo, 'createQueryBuilder') // eslint-disable-next-line @typescript-eslint/ban-ts-comment // @ts-ignore .mockImplementation(() => createQueryBuilder); - jest.spyOn(authTokenRepo, 'find').mockResolvedValue([authToken]); - }); - - it('should be defined', () => { - expect(service).toBeDefined(); + jest.spyOn(apiTokenRepo, 'find').mockResolvedValue([apiToken]); }); describe('getTokensByUser', () => { it('works', async () => { - createQueryBuilderFunc.getMany = () => [authToken]; + createQueryBuilderFunc.getMany = () => [apiToken]; const tokens = await service.getTokensByUser(user); expect(tokens).toHaveLength(1); - expect(tokens).toEqual([authToken]); + expect(tokens).toEqual([apiToken]); }); it('should return empty array if token for user do not exists', async () => { - jest - .spyOn(authTokenRepo, 'find') - .mockImplementationOnce(async () => null); + jest.spyOn(apiTokenRepo, 'find').mockImplementationOnce(async () => []); const tokens = await service.getTokensByUser(user); expect(tokens).toHaveLength(0); expect(tokens).toEqual([]); }); }); - describe('getAuthToken', () => { + describe('getToken', () => { const token = 'testToken'; it('works', async () => { const accessTokenHash = crypto .createHash('sha512') .update(token) .digest('hex'); - jest.spyOn(authTokenRepo, 'findOne').mockResolvedValueOnce({ - ...authToken, + jest.spyOn(apiTokenRepo, 'findOne').mockResolvedValueOnce({ + ...apiToken, user: Promise.resolve(user), hash: accessTokenHash, }); - const authTokenFromCall = await service.getAuthToken(authToken.keyId); + const authTokenFromCall = await service.getToken(apiToken.keyId); expect(authTokenFromCall).toEqual({ - ...authToken, + ...apiToken, user: Promise.resolve(user), hash: accessTokenHash, }); }); describe('fails:', () => { it('AuthToken could not be found', async () => { - jest.spyOn(authTokenRepo, 'findOne').mockResolvedValueOnce(null); - await expect(service.getAuthToken(authToken.keyId)).rejects.toThrow( + jest.spyOn(apiTokenRepo, 'findOne').mockResolvedValueOnce(null); + await expect(service.getToken(apiToken.keyId)).rejects.toThrow( NotInDBError, ); }); @@ -161,13 +154,13 @@ describe('AuthService', () => { ); expect(() => - service.checkToken(secret, accessToken as PublicAuthToken), + service.checkToken(secret, accessToken as ApiToken), ).not.toThrow(); }); it('AuthToken has wrong hash', () => { const [accessToken] = service.createToken(user, 'TestToken', undefined); expect(() => - service.checkToken('secret', accessToken as PublicAuthToken), + service.checkToken('secret', accessToken as ApiToken), ).toThrow(TokenNotValidError); }); it('AuthToken has wrong validUntil Date', () => { @@ -176,33 +169,33 @@ describe('AuthService', () => { 'Test', 1549312452000, ); - expect(() => - service.checkToken(secret, accessToken as PublicAuthToken), - ).toThrow(TokenNotValidError); + expect(() => service.checkToken(secret, accessToken as ApiToken)).toThrow( + TokenNotValidError, + ); }); }); describe('setLastUsedToken', () => { it('works', async () => { - jest.spyOn(authTokenRepo, 'findOne').mockResolvedValueOnce({ - ...authToken, + jest.spyOn(apiTokenRepo, 'findOne').mockResolvedValueOnce({ + ...apiToken, user: Promise.resolve(user), lastUsedAt: new Date(1549312452000), }); jest - .spyOn(authTokenRepo, 'save') + .spyOn(apiTokenRepo, 'save') .mockImplementationOnce( - async (authTokenSaved, _): Promise => { - expect(authTokenSaved.keyId).toEqual(authToken.keyId); + async (authTokenSaved, _): Promise => { + expect(authTokenSaved.keyId).toEqual(apiToken.keyId); expect(authTokenSaved.lastUsedAt).not.toEqual(1549312452000); - return authToken; + return apiToken; }, ); - await service.setLastUsedToken(authToken.keyId); + await service.setLastUsedToken(apiToken.keyId); }); it('throws if the token is not in the database', async () => { - jest.spyOn(authTokenRepo, 'findOne').mockResolvedValueOnce(null); - await expect(service.setLastUsedToken(authToken.keyId)).rejects.toThrow( + jest.spyOn(apiTokenRepo, 'findOne').mockResolvedValueOnce(null); + await expect(service.setLastUsedToken(apiToken.keyId)).rejects.toThrow( NotInDBError, ); }); @@ -218,51 +211,51 @@ describe('AuthService', () => { .digest('hex'); jest.spyOn(userRepo, 'findOne').mockResolvedValueOnce({ ...user, - publicAuthTokens: Promise.resolve([authToken]), + apiTokens: Promise.resolve([apiToken]), }); - jest.spyOn(authTokenRepo, 'findOne').mockResolvedValue({ - ...authToken, + jest.spyOn(apiTokenRepo, 'findOne').mockResolvedValue({ + ...apiToken, user: Promise.resolve(user), hash: accessTokenHash, }); jest - .spyOn(authTokenRepo, 'save') - .mockImplementationOnce(async (_, __): Promise => { - return authToken; + .spyOn(apiTokenRepo, 'save') + .mockImplementationOnce(async (_, __): Promise => { + return apiToken; }); const userByToken = await service.validateToken( - `hd2.${authToken.keyId}.${testSecret}`, + `hd2.${apiToken.keyId}.${testSecret}`, ); expect(userByToken).toEqual({ ...user, - publicAuthTokens: Promise.resolve([authToken]), + apiTokens: Promise.resolve([apiToken]), }); }); describe('fails:', () => { it('the prefix is missing', async () => { await expect( - service.validateToken(`${authToken.keyId}.${'a'.repeat(73)}`), + service.validateToken(`${apiToken.keyId}.${'a'.repeat(73)}`), ).rejects.toThrow(TokenNotValidError); }); it('the prefix is wrong', async () => { await expect( - service.validateToken(`hd1.${authToken.keyId}.${'a'.repeat(73)}`), + service.validateToken(`hd1.${apiToken.keyId}.${'a'.repeat(73)}`), ).rejects.toThrow(TokenNotValidError); }); it('the secret is missing', async () => { await expect( - service.validateToken(`hd2.${authToken.keyId}`), + service.validateToken(`hd2.${apiToken.keyId}`), ).rejects.toThrow(TokenNotValidError); }); it('the secret is too long', async () => { await expect( - service.validateToken(`hd2.${authToken.keyId}.${'a'.repeat(73)}`), + service.validateToken(`hd2.${apiToken.keyId}.${'a'.repeat(73)}`), ).rejects.toThrow(TokenNotValidError); }); it('the token contains sections after the secret', async () => { await expect( service.validateToken( - `hd2.${authToken.keyId}.${'a'.repeat(73)}.extra`, + `hd2.${apiToken.keyId}.${'a'.repeat(73)}.extra`, ), ).rejects.toThrow(TokenNotValidError); }); @@ -271,24 +264,24 @@ describe('AuthService', () => { describe('removeToken', () => { it('works', async () => { - jest.spyOn(authTokenRepo, 'findOne').mockResolvedValue({ - ...authToken, + jest.spyOn(apiTokenRepo, 'findOne').mockResolvedValue({ + ...apiToken, user: Promise.resolve(user), }); jest - .spyOn(authTokenRepo, 'remove') - .mockImplementationOnce(async (token, __): Promise => { + .spyOn(apiTokenRepo, 'remove') + .mockImplementationOnce(async (token, __): Promise => { expect(token).toEqual({ - ...authToken, + ...apiToken, user: Promise.resolve(user), }); - return authToken; + return apiToken; }); - await service.removeToken(authToken.keyId); + await service.removeToken(apiToken.keyId); }); it('throws if the token is not in the database', async () => { - jest.spyOn(authTokenRepo, 'findOne').mockResolvedValueOnce(null); - await expect(service.removeToken(authToken.keyId)).rejects.toThrow( + jest.spyOn(apiTokenRepo, 'findOne').mockResolvedValueOnce(null); + await expect(service.removeToken(apiToken.keyId)).rejects.toThrow( NotInDBError, ); }); @@ -298,16 +291,16 @@ describe('AuthService', () => { describe('works', () => { const identifier = 'testIdentifier'; it('with validUntil 0', async () => { - jest.spyOn(authTokenRepo, 'find').mockResolvedValueOnce([authToken]); + jest.spyOn(apiTokenRepo, 'find').mockResolvedValueOnce([apiToken]); jest - .spyOn(authTokenRepo, 'save') + .spyOn(apiTokenRepo, 'save') .mockImplementationOnce( async ( - authTokenSaved: PublicAuthToken, + apiTokenSaved: DeepPartial, _, - ): Promise => { - expect(authTokenSaved.lastUsedAt).toBeNull(); - return authTokenSaved; + ): Promise => { + expect(apiTokenSaved.lastUsedAt).toBeNull(); + return apiTokenSaved; }, ); const token = await service.addToken(user, identifier, 0); @@ -320,16 +313,16 @@ describe('AuthService', () => { expect(token.secret.startsWith('hd2.' + token.keyId)).toBeTruthy(); }); it('with validUntil not 0', async () => { - jest.spyOn(authTokenRepo, 'find').mockResolvedValueOnce([authToken]); + jest.spyOn(apiTokenRepo, 'find').mockResolvedValueOnce([apiToken]); jest - .spyOn(authTokenRepo, 'save') + .spyOn(apiTokenRepo, 'save') .mockImplementationOnce( async ( - authTokenSaved: PublicAuthToken, + apiTokenSaved: DeepPartial, _, - ): Promise => { - expect(authTokenSaved.lastUsedAt).toBeNull(); - return authTokenSaved; + ): Promise => { + expect(apiTokenSaved.lastUsedAt).toBeNull(); + return apiTokenSaved; }, ); const validUntil = new Date().getTime() + 30000; @@ -341,9 +334,9 @@ describe('AuthService', () => { }); it('should throw TooManyTokensError when number of tokens >= 200', async () => { jest - .spyOn(authTokenRepo, 'find') - .mockImplementationOnce(async (): Promise => { - const inValidToken = [authToken]; + .spyOn(apiTokenRepo, 'find') + .mockImplementationOnce(async (): Promise => { + const inValidToken = [apiToken]; inValidToken.length = 201; return inValidToken; }); @@ -362,16 +355,16 @@ describe('AuthService', () => { it('works', async () => { const expiredDate = new Date().getTime() - 30000; - const expiredToken = { ...authToken, validUntil: new Date(expiredDate) }; + const expiredToken = { ...apiToken, validUntil: new Date(expiredDate) }; jest - .spyOn(authTokenRepo, 'find') - .mockResolvedValueOnce([expiredToken, authToken]); + .spyOn(apiTokenRepo, 'find') + .mockResolvedValueOnce([expiredToken, apiToken]); jest - .spyOn(authTokenRepo, 'remove') - .mockImplementationOnce(async (token): Promise => { + .spyOn(apiTokenRepo, 'remove') + .mockImplementationOnce(async (token): Promise => { expect(token).toEqual(expiredToken); - expect(token).not.toBe(authToken); - return authToken; + expect(token).not.toBe(apiToken); + return apiToken; }); await service.removeInvalidTokens(); @@ -395,29 +388,29 @@ describe('AuthService', () => { }); describe('toAuthTokenDto', () => { - const authToken = new PublicAuthToken(); - authToken.keyId = 'testKeyId'; - authToken.label = 'testLabel'; + const apiToken = new ApiToken(); + apiToken.keyId = 'testKeyId'; + apiToken.label = 'testLabel'; const date = new Date(); date.setHours(date.getHours() - 1); - authToken.createdAt = date; - authToken.validUntil = new Date(); + apiToken.createdAt = date; + apiToken.validUntil = new Date(); it('works', () => { - const tokenDto = service.toAuthTokenDto(authToken); - expect(tokenDto.keyId).toEqual(authToken.keyId); + const tokenDto = service.toAuthTokenDto(apiToken); + expect(tokenDto.keyId).toEqual(apiToken.keyId); expect(tokenDto.lastUsedAt).toBeNull(); - expect(tokenDto.label).toEqual(authToken.label); + expect(tokenDto.label).toEqual(apiToken.label); expect(tokenDto.validUntil.getTime()).toEqual( - authToken.validUntil.getTime(), + apiToken.validUntil.getTime(), ); expect(tokenDto.createdAt.getTime()).toEqual( - authToken.createdAt.getTime(), + apiToken.createdAt.getTime(), ); }); it('should have lastUsedAt', () => { - authToken.lastUsedAt = new Date(); - const tokenDto = service.toAuthTokenDto(authToken); - expect(tokenDto.lastUsedAt).toEqual(authToken.lastUsedAt); + apiToken.lastUsedAt = new Date(); + const tokenDto = service.toAuthTokenDto(apiToken); + expect(tokenDto.lastUsedAt).toEqual(apiToken.lastUsedAt); }); }); }); diff --git a/backend/src/public-auth-token/public-auth-token.service.ts b/backend/src/api-token/api-token.service.ts similarity index 76% rename from backend/src/public-auth-token/public-auth-token.service.ts rename to backend/src/api-token/api-token.service.ts index 10790aeb8..adc1b9681 100644 --- a/backend/src/public-auth-token/public-auth-token.service.ts +++ b/backend/src/api-token/api-token.service.ts @@ -6,7 +6,7 @@ import { Injectable } from '@nestjs/common'; import { Cron, Timeout } from '@nestjs/schedule'; import { InjectRepository } from '@nestjs/typeorm'; -import crypto, { randomBytes } from 'crypto'; +import { createHash, randomBytes, timingSafeEqual } from 'crypto'; import { Repository } from 'typeorm'; import { @@ -18,37 +18,34 @@ import { ConsoleLoggerService } from '../logger/console-logger.service'; import { User } from '../users/user.entity'; import { bufferToBase64Url } from '../utils/password'; import { TimestampMillis } from '../utils/timestamp'; -import { - PublicAuthTokenDto, - PublicAuthTokenWithSecretDto, -} from './public-auth-token.dto'; -import { PublicAuthToken } from './public-auth-token.entity'; +import { ApiTokenDto, ApiTokenWithSecretDto } from './api-token.dto'; +import { ApiToken } from './api-token.entity'; export const AUTH_TOKEN_PREFIX = 'hd2'; @Injectable() -export class PublicAuthTokenService { +export class ApiTokenService { constructor( private readonly logger: ConsoleLoggerService, - @InjectRepository(PublicAuthToken) - private authTokenRepository: Repository, + @InjectRepository(ApiToken) + private authTokenRepository: Repository, ) { - this.logger.setContext(PublicAuthTokenService.name); + this.logger.setContext(ApiTokenService.name); } async validateToken(tokenString: string): Promise { const [prefix, keyId, secret, ...rest] = tokenString.split('.'); if (!keyId || !secret || prefix !== AUTH_TOKEN_PREFIX || rest.length > 0) { - throw new TokenNotValidError('Invalid AuthToken format'); + throw new TokenNotValidError('Invalid API token format'); } if (secret.length != 86) { // We always expect 86 characters, as the secret is generated with 64 bytes // and then converted to a base64url string throw new TokenNotValidError( - `AuthToken '${tokenString}' has incorrect length`, + `API token '${tokenString}' has incorrect length`, ); } - const token = await this.getAuthToken(keyId); + const token = await this.getToken(keyId); this.checkToken(secret, token); await this.setLastUsedToken(keyId); return await token.user; @@ -58,14 +55,11 @@ export class PublicAuthTokenService { user: User, identifier: string, userDefinedValidUntil: TimestampMillis | undefined, - ): [Omit, string] { + ): [Omit, string] { const secret = bufferToBase64Url(randomBytes(64)); const keyId = bufferToBase64Url(randomBytes(8)); // More about the choice of SHA-512 in the dev docs - const accessTokenHash = crypto - .createHash('sha512') - .update(secret) - .digest('hex'); + const accessTokenHash = createHash('sha512').update(secret).digest('hex'); // Tokens can only be valid for a maximum of 2 years const maximumTokenValidity = new Date().getTime() + 2 * 365 * 24 * 60 * 60 * 1000; @@ -76,7 +70,7 @@ export class PublicAuthTokenService { const validUntil = isTokenLimitedToMaximumValidity ? maximumTokenValidity : userDefinedValidUntil; - const token = PublicAuthToken.create( + const token = ApiToken.create( keyId, user, identifier, @@ -90,20 +84,20 @@ export class PublicAuthTokenService { user: User, identifier: string, validUntil: TimestampMillis | undefined, - ): Promise { - user.publicAuthTokens = this.getTokensByUser(user); + ): Promise { + user.apiTokens = this.getTokensByUser(user); - if ((await user.publicAuthTokens).length >= 200) { + if ((await user.apiTokens).length >= 200) { // This is a very high ceiling unlikely to hinder legitimate usage, // but should prevent possible attack vectors throw new TooManyTokensError( - `User '${user.username}' has already 200 tokens and can't have anymore`, + `User '${user.username}' has already 200 API tokens and can't have more`, ); } const [token, secret] = this.createToken(user, identifier, validUntil); const createdToken = (await this.authTokenRepository.save( token, - )) as PublicAuthToken; + )) as ApiToken; return this.toAuthTokenWithSecretDto( createdToken, `${AUTH_TOKEN_PREFIX}.${createdToken.keyId}.${secret}`, @@ -115,33 +109,33 @@ export class PublicAuthTokenService { where: { keyId: keyId }, }); if (token === null) { - throw new NotInDBError(`AuthToken for key '${keyId}' not found`); + throw new NotInDBError(`API token with id '${keyId}' not found`); } token.lastUsedAt = new Date(); await this.authTokenRepository.save(token); } - async getAuthToken(keyId: string): Promise { + async getToken(keyId: string): Promise { const token = await this.authTokenRepository.findOne({ where: { keyId: keyId }, relations: ['user'], }); if (token === null) { - throw new NotInDBError(`AuthToken '${keyId}' not found`); + throw new NotInDBError(`API token with id '${keyId}' not found`); } return token; } - checkToken(secret: string, token: PublicAuthToken): void { + checkToken(secret: string, token: ApiToken): void { const userHash = Buffer.from( - crypto.createHash('sha512').update(secret).digest('hex'), + createHash('sha512').update(secret).digest('hex'), ); const dbHash = Buffer.from(token.hash); if ( // Normally, both hashes have the same length, as they are both SHA512 // This is only defense-in-depth, as timingSafeEqual throws if the buffers are not of the same length userHash.length !== dbHash.length || - !crypto.timingSafeEqual(userHash, dbHash) + !timingSafeEqual(userHash, dbHash) ) { // hashes are not the same throw new TokenNotValidError( @@ -158,7 +152,7 @@ export class PublicAuthTokenService { } } - async getTokensByUser(user: User): Promise { + async getTokensByUser(user: User): Promise { const tokens = await this.authTokenRepository.find({ where: { user: { id: user.id } }, }); @@ -173,13 +167,13 @@ export class PublicAuthTokenService { where: { keyId: keyId }, }); if (token === null) { - throw new NotInDBError(`AuthToken for key '${keyId}' not found`); + throw new NotInDBError(`API token with id '${keyId}' not found`); } await this.authTokenRepository.remove(token); } - toAuthTokenDto(authToken: PublicAuthToken): PublicAuthTokenDto { - const tokenDto: PublicAuthTokenDto = { + toAuthTokenDto(authToken: ApiToken): ApiTokenDto { + const tokenDto: ApiTokenDto = { label: authToken.label, keyId: authToken.keyId, createdAt: authToken.createdAt, @@ -195,9 +189,9 @@ export class PublicAuthTokenService { } toAuthTokenWithSecretDto( - authToken: PublicAuthToken, + authToken: ApiToken, secret: string, - ): PublicAuthTokenWithSecretDto { + ): ApiTokenWithSecretDto { const tokenDto = this.toAuthTokenDto(authToken); return { ...tokenDto, @@ -219,7 +213,7 @@ export class PublicAuthTokenService { async removeInvalidTokens(): Promise { const currentTime = new Date().getTime(); - const tokens: PublicAuthToken[] = await this.authTokenRepository.find(); + const tokens: ApiToken[] = await this.authTokenRepository.find(); let removedTokens = 0; for (const token of tokens) { if (token.validUntil && token.validUntil.getTime() <= currentTime) { diff --git a/backend/src/public-auth-token/mock-public-auth-token-guard.service.ts b/backend/src/api-token/mock-api-token.guard.ts similarity index 96% rename from backend/src/public-auth-token/mock-public-auth-token-guard.service.ts rename to backend/src/api-token/mock-api-token.guard.ts index 4834e7ac4..4658603f9 100644 --- a/backend/src/public-auth-token/mock-public-auth-token-guard.service.ts +++ b/backend/src/api-token/mock-api-token.guard.ts @@ -10,7 +10,7 @@ import { User } from '../users/user.entity'; import { UsersService } from '../users/users.service'; @Injectable() -export class MockPublicAuthTokenGuard { +export class MockApiTokenGuard { private user: User; constructor(private usersService: UsersService) {} diff --git a/backend/src/api/private/private-api.module.ts b/backend/src/api/private/private-api.module.ts index fd31242a9..9215f1089 100644 --- a/backend/src/api/private/private-api.module.ts +++ b/backend/src/api/private/private-api.module.ts @@ -5,6 +5,7 @@ */ import { Module } from '@nestjs/common'; +import { ApiTokenModule } from '../../api-token/api-token.module'; import { FrontendConfigModule } from '../../frontend-config/frontend-config.module'; import { GroupsModule } from '../../groups/groups.module'; import { HistoryModule } from '../../history/history.module'; @@ -13,7 +14,6 @@ import { LoggerModule } from '../../logger/logger.module'; import { MediaModule } from '../../media/media.module'; import { NotesModule } from '../../notes/notes.module'; import { PermissionsModule } from '../../permissions/permissions.module'; -import { PublicAuthTokenModule } from '../../public-auth-token/public-auth-token.module'; import { RevisionsModule } from '../../revisions/revisions.module'; import { UsersModule } from '../../users/users.module'; import { AliasController } from './alias/alias.controller'; @@ -27,14 +27,14 @@ import { HistoryController } from './me/history/history.controller'; import { MeController } from './me/me.controller'; import { MediaController } from './media/media.controller'; import { NotesController } from './notes/notes.controller'; -import { PublicAuthTokensController } from './tokens/publicAuthTokensController'; +import { ApiTokensController } from './tokens/api-tokens.controller'; import { UsersController } from './users/users.controller'; @Module({ imports: [ LoggerModule, UsersModule, - PublicAuthTokenModule, + ApiTokenModule, FrontendConfigModule, HistoryModule, PermissionsModule, @@ -45,7 +45,7 @@ import { UsersController } from './users/users.controller'; GroupsModule, ], controllers: [ - PublicAuthTokensController, + ApiTokensController, ConfigController, MediaController, HistoryController, diff --git a/backend/src/api/private/tokens/publicAuthTokensController.ts b/backend/src/api/private/tokens/api-tokens.controller.ts similarity index 73% rename from backend/src/api/private/tokens/publicAuthTokensController.ts rename to backend/src/api/private/tokens/api-tokens.controller.ts index 7de4b05b0..9d6fa989d 100644 --- a/backend/src/api/private/tokens/publicAuthTokensController.ts +++ b/backend/src/api/private/tokens/api-tokens.controller.ts @@ -15,14 +15,14 @@ import { } from '@nestjs/common'; import { ApiTags } from '@nestjs/swagger'; +import { + ApiTokenCreateDto, + ApiTokenDto, + ApiTokenWithSecretDto, +} from '../../../api-token/api-token.dto'; +import { ApiTokenService } from '../../../api-token/api-token.service'; import { SessionGuard } from '../../../identity/session.guard'; import { ConsoleLoggerService } from '../../../logger/console-logger.service'; -import { - PublicAuthTokenCreateDto, - PublicAuthTokenDto, - PublicAuthTokenWithSecretDto, -} from '../../../public-auth-token/public-auth-token.dto'; -import { PublicAuthTokenService } from '../../../public-auth-token/public-auth-token.service'; import { User } from '../../../users/user.entity'; import { OpenApi } from '../../utils/openapi.decorator'; import { RequestUser } from '../../utils/request-user.decorator'; @@ -31,19 +31,17 @@ import { RequestUser } from '../../utils/request-user.decorator'; @OpenApi(401) @ApiTags('tokens') @Controller('tokens') -export class PublicAuthTokensController { +export class ApiTokensController { constructor( private readonly logger: ConsoleLoggerService, - private publicAuthTokenService: PublicAuthTokenService, + private publicAuthTokenService: ApiTokenService, ) { - this.logger.setContext(PublicAuthTokensController.name); + this.logger.setContext(ApiTokensController.name); } @Get() @OpenApi(200) - async getUserTokens( - @RequestUser() user: User, - ): Promise { + async getUserTokens(@RequestUser() user: User): Promise { return (await this.publicAuthTokenService.getTokensByUser(user)).map( (token) => this.publicAuthTokenService.toAuthTokenDto(token), ); @@ -52,9 +50,9 @@ export class PublicAuthTokensController { @Post() @OpenApi(201) async postTokenRequest( - @Body() createDto: PublicAuthTokenCreateDto, + @Body() createDto: ApiTokenCreateDto, @RequestUser() user: User, - ): Promise { + ): Promise { return await this.publicAuthTokenService.addToken( user, createDto.label, diff --git a/backend/src/api/public/alias/alias.controller.ts b/backend/src/api/public/alias/alias.controller.ts index ebc482e63..9a18752d9 100644 --- a/backend/src/api/public/alias/alias.controller.ts +++ b/backend/src/api/public/alias/alias.controller.ts @@ -16,6 +16,7 @@ import { } from '@nestjs/common'; import { ApiSecurity, ApiTags } from '@nestjs/swagger'; +import { ApiTokenGuard } from '../../../api-token/api-token.guard'; import { ConsoleLoggerService } from '../../../logger/console-logger.service'; import { AliasCreateDto } from '../../../notes/alias-create.dto'; import { AliasUpdateDto } from '../../../notes/alias-update.dto'; @@ -23,12 +24,11 @@ import { AliasDto } from '../../../notes/alias.dto'; import { AliasService } from '../../../notes/alias.service'; import { NotesService } from '../../../notes/notes.service'; import { PermissionsService } from '../../../permissions/permissions.service'; -import { PublicAuthTokenGuard } from '../../../public-auth-token/public-auth-token.strategy'; import { User } from '../../../users/user.entity'; import { OpenApi } from '../../utils/openapi.decorator'; import { RequestUser } from '../../utils/request-user.decorator'; -@UseGuards(PublicAuthTokenGuard) +@UseGuards(ApiTokenGuard) @OpenApi(401) @ApiTags('alias') @ApiSecurity('token') diff --git a/backend/src/api/public/me/me.controller.ts b/backend/src/api/public/me/me.controller.ts index d8eca753c..44394d035 100644 --- a/backend/src/api/public/me/me.controller.ts +++ b/backend/src/api/public/me/me.controller.ts @@ -14,6 +14,7 @@ import { } from '@nestjs/common'; import { ApiSecurity, ApiTags } from '@nestjs/swagger'; +import { ApiTokenGuard } from '../../../api-token/api-token.guard'; import { HistoryEntryUpdateDto } from '../../../history/history-entry-update.dto'; import { HistoryEntryDto } from '../../../history/history-entry.dto'; import { HistoryService } from '../../../history/history.service'; @@ -23,7 +24,6 @@ import { MediaService } from '../../../media/media.service'; import { NoteMetadataDto } from '../../../notes/note-metadata.dto'; import { Note } from '../../../notes/note.entity'; import { NotesService } from '../../../notes/notes.service'; -import { PublicAuthTokenGuard } from '../../../public-auth-token/public-auth-token.strategy'; import { FullUserInfoDto } from '../../../users/user-info.dto'; import { User } from '../../../users/user.entity'; import { UsersService } from '../../../users/users.service'; @@ -32,7 +32,7 @@ import { OpenApi } from '../../utils/openapi.decorator'; import { RequestNote } from '../../utils/request-note.decorator'; import { RequestUser } from '../../utils/request-user.decorator'; -@UseGuards(PublicAuthTokenGuard) +@UseGuards(ApiTokenGuard) @OpenApi(401) @ApiTags('me') @ApiSecurity('token') diff --git a/backend/src/api/public/media/media.controller.ts b/backend/src/api/public/media/media.controller.ts index 216e2498c..dbd2f1d27 100644 --- a/backend/src/api/public/media/media.controller.ts +++ b/backend/src/api/public/media/media.controller.ts @@ -25,6 +25,7 @@ import { } from '@nestjs/swagger'; import { Response } from 'express'; +import { ApiTokenGuard } from '../../../api-token/api-token.guard'; import { PermissionError } from '../../../errors/errors'; import { ConsoleLoggerService } from '../../../logger/console-logger.service'; import { MediaUploadDto } from '../../../media/media-upload.dto'; @@ -35,14 +36,13 @@ import { PermissionsGuard } from '../../../permissions/permissions.guard'; import { PermissionsService } from '../../../permissions/permissions.service'; import { RequirePermission } from '../../../permissions/require-permission.decorator'; import { RequiredPermission } from '../../../permissions/required-permission.enum'; -import { PublicAuthTokenGuard } from '../../../public-auth-token/public-auth-token.strategy'; import { User } from '../../../users/user.entity'; import { NoteHeaderInterceptor } from '../../utils/note-header.interceptor'; import { OpenApi } from '../../utils/openapi.decorator'; import { RequestNote } from '../../utils/request-note.decorator'; import { RequestUser } from '../../utils/request-user.decorator'; -@UseGuards(PublicAuthTokenGuard) +@UseGuards(ApiTokenGuard) @OpenApi(401) @ApiTags('media') @ApiSecurity('token') diff --git a/backend/src/api/public/monitoring/monitoring.controller.ts b/backend/src/api/public/monitoring/monitoring.controller.ts index 0d086b4c5..73001268a 100644 --- a/backend/src/api/public/monitoring/monitoring.controller.ts +++ b/backend/src/api/public/monitoring/monitoring.controller.ts @@ -6,12 +6,12 @@ import { Controller, Get, UseGuards } from '@nestjs/common'; import { ApiSecurity, ApiTags } from '@nestjs/swagger'; +import { ApiTokenGuard } from '../../../api-token/api-token.guard'; import { MonitoringService } from '../../../monitoring/monitoring.service'; import { ServerStatusDto } from '../../../monitoring/server-status.dto'; -import { PublicAuthTokenGuard } from '../../../public-auth-token/public-auth-token.strategy'; import { OpenApi } from '../../utils/openapi.decorator'; -@UseGuards(PublicAuthTokenGuard) +@UseGuards(ApiTokenGuard) @OpenApi(401) @ApiTags('monitoring') @ApiSecurity('token') diff --git a/backend/src/api/public/notes/notes.controller.ts b/backend/src/api/public/notes/notes.controller.ts index 4c454e60a..9a993faf5 100644 --- a/backend/src/api/public/notes/notes.controller.ts +++ b/backend/src/api/public/notes/notes.controller.ts @@ -17,6 +17,7 @@ import { } from '@nestjs/common'; import { ApiSecurity, ApiTags } from '@nestjs/swagger'; +import { ApiTokenGuard } from '../../../api-token/api-token.guard'; import { NotInDBError } from '../../../errors/errors'; import { GroupsService } from '../../../groups/groups.service'; import { HistoryService } from '../../../history/history.service'; @@ -36,7 +37,6 @@ import { PermissionsGuard } from '../../../permissions/permissions.guard'; import { PermissionsService } from '../../../permissions/permissions.service'; import { RequirePermission } from '../../../permissions/require-permission.decorator'; import { RequiredPermission } from '../../../permissions/required-permission.enum'; -import { PublicAuthTokenGuard } from '../../../public-auth-token/public-auth-token.strategy'; import { RevisionMetadataDto } from '../../../revisions/revision-metadata.dto'; import { RevisionDto } from '../../../revisions/revision.dto'; import { RevisionsService } from '../../../revisions/revisions.service'; @@ -49,7 +49,7 @@ import { OpenApi } from '../../utils/openapi.decorator'; import { RequestNote } from '../../utils/request-note.decorator'; import { RequestUser } from '../../utils/request-user.decorator'; -@UseGuards(PublicAuthTokenGuard, PermissionsGuard) +@UseGuards(ApiTokenGuard, PermissionsGuard) @OpenApi(401) @ApiTags('notes') @ApiSecurity('token') diff --git a/backend/src/api/public/public-api.module.ts b/backend/src/api/public/public-api.module.ts index 79bc17b13..57bea4a3f 100644 --- a/backend/src/api/public/public-api.module.ts +++ b/backend/src/api/public/public-api.module.ts @@ -5,6 +5,7 @@ */ import { Module } from '@nestjs/common'; +import { ApiTokenModule } from '../../api-token/api-token.module'; import { GroupsModule } from '../../groups/groups.module'; import { HistoryModule } from '../../history/history.module'; import { LoggerModule } from '../../logger/logger.module'; @@ -22,6 +23,7 @@ import { NotesController } from './notes/notes.controller'; @Module({ imports: [ + ApiTokenModule, GroupsModule, UsersModule, HistoryModule, diff --git a/backend/src/app.module.ts b/backend/src/app.module.ts index c1e2e990b..a970f7044 100644 --- a/backend/src/app.module.ts +++ b/backend/src/app.module.ts @@ -10,6 +10,7 @@ import { EventEmitterModule } from '@nestjs/event-emitter'; import { ScheduleModule } from '@nestjs/schedule'; import { TypeOrmModule } from '@nestjs/typeorm'; +import { ApiTokenModule } from './api-token/api-token.module'; import { PrivateApiModule } from './api/private/private-api.module'; import { PublicApiModule } from './api/public/public-api.module'; import { AuthorsModule } from './authors/authors.module'; @@ -34,7 +35,6 @@ import { MediaModule } from './media/media.module'; import { MonitoringModule } from './monitoring/monitoring.module'; import { NotesModule } from './notes/notes.module'; import { PermissionsModule } from './permissions/permissions.module'; -import { PublicAuthTokenModule } from './public-auth-token/public-auth-token.module'; import { WebsocketModule } from './realtime/websocket/websocket.module'; import { RevisionsModule } from './revisions/revisions.module'; import { SessionModule } from './sessions/session.module'; @@ -112,7 +112,7 @@ const routes: Routes = [ GroupsModule, LoggerModule, MediaModule, - PublicAuthTokenModule, + ApiTokenModule, FrontendConfigModule, WebsocketModule, IdentityModule, diff --git a/backend/src/history/history.service.spec.ts b/backend/src/history/history.service.spec.ts index b8a1ce8db..623d48fba 100644 --- a/backend/src/history/history.service.spec.ts +++ b/backend/src/history/history.service.spec.ts @@ -11,6 +11,7 @@ import assert from 'assert'; import { Mock } from 'ts-mockery'; import { DataSource, EntityManager, Repository } from 'typeorm'; +import { ApiToken } from '../api-token/api-token.entity'; import { Author } from '../authors/author.entity'; import appConfigMock from '../config/mock/app.config.mock'; import authConfigMock from '../config/mock/auth.config.mock'; @@ -27,7 +28,6 @@ import { NotesModule } from '../notes/notes.module'; import { Tag } from '../notes/tag.entity'; import { NoteGroupPermission } from '../permissions/note-group-permission.entity'; import { NoteUserPermission } from '../permissions/note-user-permission.entity'; -import { PublicAuthToken } from '../public-auth-token/public-auth-token.entity'; import { Edit } from '../revisions/edit.entity'; import { Revision } from '../revisions/revision.entity'; import { RevisionsModule } from '../revisions/revisions.module'; @@ -112,7 +112,7 @@ describe('HistoryService', () => { }) .overrideProvider(getRepositoryToken(User)) .useValue({}) - .overrideProvider(getRepositoryToken(PublicAuthToken)) + .overrideProvider(getRepositoryToken(ApiToken)) .useValue({}) .overrideProvider(getRepositoryToken(Identity)) .useValue({}) diff --git a/backend/src/media/media.service.spec.ts b/backend/src/media/media.service.spec.ts index b513e6455..a9192a853 100644 --- a/backend/src/media/media.service.spec.ts +++ b/backend/src/media/media.service.spec.ts @@ -11,6 +11,7 @@ import { promises as fs } from 'fs'; import { Repository } from 'typeorm'; import appConfigMock from '../../src/config/mock/app.config.mock'; +import { ApiToken } from '../api-token/api-token.entity'; import { Author } from '../authors/author.entity'; import authConfigMock from '../config/mock/auth.config.mock'; import databaseConfigMock from '../config/mock/database.config.mock'; @@ -27,7 +28,6 @@ import { NotesModule } from '../notes/notes.module'; import { Tag } from '../notes/tag.entity'; import { NoteGroupPermission } from '../permissions/note-group-permission.entity'; import { NoteUserPermission } from '../permissions/note-user-permission.entity'; -import { PublicAuthToken } from '../public-auth-token/public-auth-token.entity'; import { Edit } from '../revisions/edit.entity'; import { Revision } from '../revisions/revision.entity'; import { Session } from '../sessions/session.entity'; @@ -84,7 +84,7 @@ describe('MediaService', () => { }) .overrideProvider(getRepositoryToken(Edit)) .useValue({}) - .overrideProvider(getRepositoryToken(PublicAuthToken)) + .overrideProvider(getRepositoryToken(ApiToken)) .useValue({}) .overrideProvider(getRepositoryToken(Identity)) .useValue({}) diff --git a/backend/src/migrations/mariadb-1726084491570-init.ts b/backend/src/migrations/mariadb-1726271650566-init.ts similarity index 93% rename from backend/src/migrations/mariadb-1726084491570-init.ts rename to backend/src/migrations/mariadb-1726271650566-init.ts index 2d0d54a13..dacaad3d2 100644 --- a/backend/src/migrations/mariadb-1726084491570-init.ts +++ b/backend/src/migrations/mariadb-1726271650566-init.ts @@ -1,15 +1,26 @@ +/* + * SPDX-FileCopyrightText: 2024 The HedgeDoc developers (see AUTHORS file) + * + * SPDX-License-Identifier: AGPL-3.0-only + */ import { MigrationInterface, QueryRunner } from 'typeorm'; -export class Init1726084491570 implements MigrationInterface { - name = 'Init1726084491570'; +export class Init1726271650566 implements MigrationInterface { + name = 'Init1726271650566'; public async up(queryRunner: QueryRunner): Promise { + await queryRunner.query( + `CREATE TABLE \`api_token\` (\`id\` int NOT NULL AUTO_INCREMENT, \`keyId\` varchar(255) NOT NULL, \`label\` varchar(255) NOT NULL, \`createdAt\` datetime(6) NOT NULL DEFAULT CURRENT_TIMESTAMP(6), \`hash\` varchar(255) NOT NULL, \`validUntil\` datetime NOT NULL, \`lastUsedAt\` date NULL, \`userId\` int NULL, UNIQUE INDEX \`IDX_3e254e2eb542a65da7c405d068\` (\`keyId\`), UNIQUE INDEX \`IDX_60221392192b32c7560c128a6f\` (\`hash\`), PRIMARY KEY (\`id\`)) ENGINE=InnoDB`, + ); await queryRunner.query( `CREATE TABLE \`history_entry\` (\`id\` int NOT NULL AUTO_INCREMENT, \`pinStatus\` tinyint NOT NULL, \`updatedAt\` datetime(6) NOT NULL DEFAULT CURRENT_TIMESTAMP(6) ON UPDATE CURRENT_TIMESTAMP(6), \`userId\` int NULL, \`noteId\` int NULL, UNIQUE INDEX \`IDX_928dd947355b0837366470a916\` (\`noteId\`, \`userId\`), PRIMARY KEY (\`id\`)) ENGINE=InnoDB`, ); await queryRunner.query( `CREATE TABLE \`media_upload\` (\`uuid\` varchar(255) NOT NULL, \`fileName\` varchar(255) NOT NULL, \`backendType\` varchar(255) NOT NULL, \`backendData\` text NULL, \`createdAt\` datetime(6) NOT NULL DEFAULT CURRENT_TIMESTAMP(6), \`noteId\` int NULL, \`userId\` int NULL, PRIMARY KEY (\`uuid\`)) ENGINE=InnoDB`, ); + await queryRunner.query( + `CREATE TABLE \`group\` (\`id\` int NOT NULL AUTO_INCREMENT, \`name\` varchar(255) NOT NULL, \`displayName\` varchar(255) NOT NULL, \`special\` tinyint NOT NULL, UNIQUE INDEX \`IDX_8a45300fd825918f3b40195fbd\` (\`name\`), PRIMARY KEY (\`id\`)) ENGINE=InnoDB`, + ); await queryRunner.query( `CREATE TABLE \`note_group_permission\` (\`id\` int NOT NULL AUTO_INCREMENT, \`canEdit\` tinyint NOT NULL, \`groupId\` int NULL, \`noteId\` int NULL, UNIQUE INDEX \`IDX_ee1744842a9ef3ffbc05a7016a\` (\`groupId\`, \`noteId\`), PRIMARY KEY (\`id\`)) ENGINE=InnoDB`, ); @@ -37,17 +48,14 @@ export class Init1726084491570 implements MigrationInterface { await queryRunner.query( `CREATE TABLE \`author\` (\`id\` int NOT NULL AUTO_INCREMENT, \`color\` int NOT NULL, \`userId\` int NULL, PRIMARY KEY (\`id\`)) ENGINE=InnoDB`, ); - await queryRunner.query( - `CREATE TABLE \`identity\` (\`id\` int NOT NULL AUTO_INCREMENT, \`providerType\` varchar(255) NOT NULL, \`providerIdentifier\` text NULL, \`createdAt\` datetime(6) NOT NULL DEFAULT CURRENT_TIMESTAMP(6), \`updatedAt\` datetime(6) NOT NULL DEFAULT CURRENT_TIMESTAMP(6) ON UPDATE CURRENT_TIMESTAMP(6), \`providerUserId\` text NULL, \`passwordHash\` text NULL, \`userId\` int NULL, PRIMARY KEY (\`id\`)) ENGINE=InnoDB`, - ); - await queryRunner.query( - `CREATE TABLE \`public_auth_token\` (\`id\` int NOT NULL AUTO_INCREMENT, \`keyId\` varchar(255) NOT NULL, \`label\` varchar(255) NOT NULL, \`createdAt\` datetime(6) NOT NULL DEFAULT CURRENT_TIMESTAMP(6), \`hash\` varchar(255) NOT NULL, \`validUntil\` datetime NOT NULL, \`lastUsedAt\` date NULL, \`userId\` int NULL, UNIQUE INDEX \`IDX_b4c4b9179f72ef63c32248e83a\` (\`keyId\`), UNIQUE INDEX \`IDX_6450514886fa4182c889c076df\` (\`hash\`), PRIMARY KEY (\`id\`)) ENGINE=InnoDB`, - ); await queryRunner.query( `CREATE TABLE \`user\` (\`id\` int NOT NULL AUTO_INCREMENT, \`username\` varchar(255) NOT NULL, \`displayName\` varchar(255) NOT NULL, \`createdAt\` datetime(6) NOT NULL DEFAULT CURRENT_TIMESTAMP(6), \`updatedAt\` datetime(6) NOT NULL DEFAULT CURRENT_TIMESTAMP(6) ON UPDATE CURRENT_TIMESTAMP(6), \`photo\` text NULL, \`email\` text NULL, UNIQUE INDEX \`IDX_78a916df40e02a9deb1c4b75ed\` (\`username\`), PRIMARY KEY (\`id\`)) ENGINE=InnoDB`, ); await queryRunner.query( - `CREATE TABLE \`group\` (\`id\` int NOT NULL AUTO_INCREMENT, \`name\` varchar(255) NOT NULL, \`displayName\` varchar(255) NOT NULL, \`special\` tinyint NOT NULL, UNIQUE INDEX \`IDX_8a45300fd825918f3b40195fbd\` (\`name\`), PRIMARY KEY (\`id\`)) ENGINE=InnoDB`, + `CREATE TABLE \`identity\` (\`id\` int NOT NULL AUTO_INCREMENT, \`providerType\` varchar(255) NOT NULL, \`providerIdentifier\` text NULL, \`createdAt\` datetime(6) NOT NULL DEFAULT CURRENT_TIMESTAMP(6), \`updatedAt\` datetime(6) NOT NULL DEFAULT CURRENT_TIMESTAMP(6) ON UPDATE CURRENT_TIMESTAMP(6), \`providerUserId\` text NULL, \`passwordHash\` text NULL, \`userId\` int NULL, PRIMARY KEY (\`id\`)) ENGINE=InnoDB`, + ); + await queryRunner.query( + `CREATE TABLE \`group_members_user\` (\`groupId\` int NOT NULL, \`userId\` int NOT NULL, INDEX \`IDX_bfa303089d367a2e3c02b002b8\` (\`groupId\`), INDEX \`IDX_427107c650638bcb2f1e167d2e\` (\`userId\`), PRIMARY KEY (\`groupId\`, \`userId\`)) ENGINE=InnoDB`, ); await queryRunner.query( `CREATE TABLE \`revision_tags_tag\` (\`revisionId\` int NOT NULL, \`tagId\` int NOT NULL, INDEX \`IDX_3382f45eefeb40f91e45cfd418\` (\`revisionId\`), INDEX \`IDX_19dbafe2a8b456c0ef40858d49\` (\`tagId\`), PRIMARY KEY (\`revisionId\`, \`tagId\`)) ENGINE=InnoDB`, @@ -56,7 +64,7 @@ export class Init1726084491570 implements MigrationInterface { `CREATE TABLE \`revision_edits_edit\` (\`revisionId\` int NOT NULL, \`editId\` int NOT NULL, INDEX \`IDX_52c6a61e1a646768391c7854fe\` (\`revisionId\`), INDEX \`IDX_470886feb50e30114e39c42698\` (\`editId\`), PRIMARY KEY (\`revisionId\`, \`editId\`)) ENGINE=InnoDB`, ); await queryRunner.query( - `CREATE TABLE \`group_members_user\` (\`groupId\` int NOT NULL, \`userId\` int NOT NULL, INDEX \`IDX_bfa303089d367a2e3c02b002b8\` (\`groupId\`), INDEX \`IDX_427107c650638bcb2f1e167d2e\` (\`userId\`), PRIMARY KEY (\`groupId\`, \`userId\`)) ENGINE=InnoDB`, + `ALTER TABLE \`api_token\` ADD CONSTRAINT \`FK_cbfc4e2b85b78207afb0b2d7fbc\` FOREIGN KEY (\`userId\`) REFERENCES \`user\`(\`id\`) ON DELETE CASCADE ON UPDATE NO ACTION`, ); await queryRunner.query( `ALTER TABLE \`history_entry\` ADD CONSTRAINT \`FK_42b8ae461cb58747a24340e6c64\` FOREIGN KEY (\`userId\`) REFERENCES \`user\`(\`id\`) ON DELETE CASCADE ON UPDATE NO ACTION`, @@ -104,7 +112,10 @@ export class Init1726084491570 implements MigrationInterface { `ALTER TABLE \`identity\` ADD CONSTRAINT \`FK_12915039d2868ab654567bf5181\` FOREIGN KEY (\`userId\`) REFERENCES \`user\`(\`id\`) ON DELETE CASCADE ON UPDATE NO ACTION`, ); await queryRunner.query( - `ALTER TABLE \`public_auth_token\` ADD CONSTRAINT \`FK_b7b4f28eb8b4a0fc443448b9054\` FOREIGN KEY (\`userId\`) REFERENCES \`user\`(\`id\`) ON DELETE CASCADE ON UPDATE NO ACTION`, + `ALTER TABLE \`group_members_user\` ADD CONSTRAINT \`FK_bfa303089d367a2e3c02b002b8f\` FOREIGN KEY (\`groupId\`) REFERENCES \`group\`(\`id\`) ON DELETE CASCADE ON UPDATE CASCADE`, + ); + await queryRunner.query( + `ALTER TABLE \`group_members_user\` ADD CONSTRAINT \`FK_427107c650638bcb2f1e167d2e5\` FOREIGN KEY (\`userId\`) REFERENCES \`user\`(\`id\`) ON DELETE NO ACTION ON UPDATE NO ACTION`, ); await queryRunner.query( `ALTER TABLE \`revision_tags_tag\` ADD CONSTRAINT \`FK_3382f45eefeb40f91e45cfd4180\` FOREIGN KEY (\`revisionId\`) REFERENCES \`revision\`(\`id\`) ON DELETE CASCADE ON UPDATE CASCADE`, @@ -118,21 +129,9 @@ export class Init1726084491570 implements MigrationInterface { await queryRunner.query( `ALTER TABLE \`revision_edits_edit\` ADD CONSTRAINT \`FK_470886feb50e30114e39c426987\` FOREIGN KEY (\`editId\`) REFERENCES \`edit\`(\`id\`) ON DELETE NO ACTION ON UPDATE NO ACTION`, ); - await queryRunner.query( - `ALTER TABLE \`group_members_user\` ADD CONSTRAINT \`FK_bfa303089d367a2e3c02b002b8f\` FOREIGN KEY (\`groupId\`) REFERENCES \`group\`(\`id\`) ON DELETE CASCADE ON UPDATE CASCADE`, - ); - await queryRunner.query( - `ALTER TABLE \`group_members_user\` ADD CONSTRAINT \`FK_427107c650638bcb2f1e167d2e5\` FOREIGN KEY (\`userId\`) REFERENCES \`user\`(\`id\`) ON DELETE NO ACTION ON UPDATE NO ACTION`, - ); } public async down(queryRunner: QueryRunner): Promise { - await queryRunner.query( - `ALTER TABLE \`group_members_user\` DROP FOREIGN KEY \`FK_427107c650638bcb2f1e167d2e5\``, - ); - await queryRunner.query( - `ALTER TABLE \`group_members_user\` DROP FOREIGN KEY \`FK_bfa303089d367a2e3c02b002b8f\``, - ); await queryRunner.query( `ALTER TABLE \`revision_edits_edit\` DROP FOREIGN KEY \`FK_470886feb50e30114e39c426987\``, ); @@ -146,7 +145,10 @@ export class Init1726084491570 implements MigrationInterface { `ALTER TABLE \`revision_tags_tag\` DROP FOREIGN KEY \`FK_3382f45eefeb40f91e45cfd4180\``, ); await queryRunner.query( - `ALTER TABLE \`public_auth_token\` DROP FOREIGN KEY \`FK_b7b4f28eb8b4a0fc443448b9054\``, + `ALTER TABLE \`group_members_user\` DROP FOREIGN KEY \`FK_427107c650638bcb2f1e167d2e5\``, + ); + await queryRunner.query( + `ALTER TABLE \`group_members_user\` DROP FOREIGN KEY \`FK_bfa303089d367a2e3c02b002b8f\``, ); await queryRunner.query( `ALTER TABLE \`identity\` DROP FOREIGN KEY \`FK_12915039d2868ab654567bf5181\``, @@ -194,12 +196,8 @@ export class Init1726084491570 implements MigrationInterface { `ALTER TABLE \`history_entry\` DROP FOREIGN KEY \`FK_42b8ae461cb58747a24340e6c64\``, ); await queryRunner.query( - `DROP INDEX \`IDX_427107c650638bcb2f1e167d2e\` ON \`group_members_user\``, + `ALTER TABLE \`api_token\` DROP FOREIGN KEY \`FK_cbfc4e2b85b78207afb0b2d7fbc\``, ); - await queryRunner.query( - `DROP INDEX \`IDX_bfa303089d367a2e3c02b002b8\` ON \`group_members_user\``, - ); - await queryRunner.query(`DROP TABLE \`group_members_user\``); await queryRunner.query( `DROP INDEX \`IDX_470886feb50e30114e39c42698\` ON \`revision_edits_edit\``, ); @@ -215,21 +213,17 @@ export class Init1726084491570 implements MigrationInterface { ); await queryRunner.query(`DROP TABLE \`revision_tags_tag\``); await queryRunner.query( - `DROP INDEX \`IDX_8a45300fd825918f3b40195fbd\` ON \`group\``, + `DROP INDEX \`IDX_427107c650638bcb2f1e167d2e\` ON \`group_members_user\``, ); - await queryRunner.query(`DROP TABLE \`group\``); + await queryRunner.query( + `DROP INDEX \`IDX_bfa303089d367a2e3c02b002b8\` ON \`group_members_user\``, + ); + await queryRunner.query(`DROP TABLE \`group_members_user\``); + await queryRunner.query(`DROP TABLE \`identity\``); await queryRunner.query( `DROP INDEX \`IDX_78a916df40e02a9deb1c4b75ed\` ON \`user\``, ); await queryRunner.query(`DROP TABLE \`user\``); - await queryRunner.query( - `DROP INDEX \`IDX_6450514886fa4182c889c076df\` ON \`public_auth_token\``, - ); - await queryRunner.query( - `DROP INDEX \`IDX_b4c4b9179f72ef63c32248e83a\` ON \`public_auth_token\``, - ); - await queryRunner.query(`DROP TABLE \`public_auth_token\``); - await queryRunner.query(`DROP TABLE \`identity\``); await queryRunner.query(`DROP TABLE \`author\``); await queryRunner.query( `DROP INDEX \`IDX_28c5d1d16da7908c97c9bc2f74\` ON \`session\``, @@ -254,10 +248,21 @@ export class Init1726084491570 implements MigrationInterface { `DROP INDEX \`IDX_ee1744842a9ef3ffbc05a7016a\` ON \`note_group_permission\``, ); await queryRunner.query(`DROP TABLE \`note_group_permission\``); + await queryRunner.query( + `DROP INDEX \`IDX_8a45300fd825918f3b40195fbd\` ON \`group\``, + ); + await queryRunner.query(`DROP TABLE \`group\``); await queryRunner.query(`DROP TABLE \`media_upload\``); await queryRunner.query( `DROP INDEX \`IDX_928dd947355b0837366470a916\` ON \`history_entry\``, ); await queryRunner.query(`DROP TABLE \`history_entry\``); + await queryRunner.query( + `DROP INDEX \`IDX_60221392192b32c7560c128a6f\` ON \`api_token\``, + ); + await queryRunner.query( + `DROP INDEX \`IDX_3e254e2eb542a65da7c405d068\` ON \`api_token\``, + ); + await queryRunner.query(`DROP TABLE \`api_token\``); } } diff --git a/backend/src/migrations/postgres-1726084117959-init.ts b/backend/src/migrations/postgres-1726271794336-init.ts similarity index 94% rename from backend/src/migrations/postgres-1726084117959-init.ts rename to backend/src/migrations/postgres-1726271794336-init.ts index 50c9eefcd..8541dccec 100644 --- a/backend/src/migrations/postgres-1726084117959-init.ts +++ b/backend/src/migrations/postgres-1726271794336-init.ts @@ -1,9 +1,17 @@ +/* + * SPDX-FileCopyrightText: 2024 The HedgeDoc developers (see AUTHORS file) + * + * SPDX-License-Identifier: AGPL-3.0-only + */ import { MigrationInterface, QueryRunner } from 'typeorm'; -export class Init1726084117959 implements MigrationInterface { - name = 'Init1726084117959'; +export class Init1726271794336 implements MigrationInterface { + name = 'Init1726271794336'; public async up(queryRunner: QueryRunner): Promise { + await queryRunner.query( + `CREATE TABLE "api_token" ("id" SERIAL NOT NULL, "keyId" character varying NOT NULL, "label" character varying NOT NULL, "createdAt" TIMESTAMP NOT NULL DEFAULT now(), "hash" character varying NOT NULL, "validUntil" TIMESTAMP NOT NULL, "lastUsedAt" date, "userId" integer, CONSTRAINT "UQ_3e254e2eb542a65da7c405d0683" UNIQUE ("keyId"), CONSTRAINT "UQ_60221392192b32c7560c128a6fa" UNIQUE ("hash"), CONSTRAINT "PK_d862311c568d175c26f41bc6f98" PRIMARY KEY ("id"))`, + ); await queryRunner.query( `CREATE TABLE "history_entry" ("id" SERIAL NOT NULL, "pinStatus" boolean NOT NULL, "updatedAt" TIMESTAMP NOT NULL DEFAULT now(), "userId" integer, "noteId" integer, CONSTRAINT "PK_b65bd95b0d2929668589d57b97a" PRIMARY KEY ("id"))`, ); @@ -13,6 +21,9 @@ export class Init1726084117959 implements MigrationInterface { await queryRunner.query( `CREATE TABLE "media_upload" ("uuid" character varying NOT NULL, "fileName" character varying NOT NULL, "backendType" character varying NOT NULL, "backendData" text, "createdAt" TIMESTAMP NOT NULL DEFAULT now(), "noteId" integer, "userId" integer, CONSTRAINT "PK_573c2a4f2a8f8382f2a8758444e" PRIMARY KEY ("uuid"))`, ); + await queryRunner.query( + `CREATE TABLE "group" ("id" SERIAL NOT NULL, "name" character varying NOT NULL, "displayName" character varying NOT NULL, "special" boolean NOT NULL, CONSTRAINT "UQ_8a45300fd825918f3b40195fbdc" UNIQUE ("name"), CONSTRAINT "PK_256aa0fda9b1de1a73ee0b7106b" PRIMARY KEY ("id"))`, + ); await queryRunner.query( `CREATE TABLE "note_group_permission" ("id" SERIAL NOT NULL, "canEdit" boolean NOT NULL, "groupId" integer, "noteId" integer, CONSTRAINT "PK_6327989190949e6a55d02a080c3" PRIMARY KEY ("id"))`, ); @@ -49,17 +60,20 @@ export class Init1726084117959 implements MigrationInterface { await queryRunner.query( `CREATE TABLE "author" ("id" SERIAL NOT NULL, "color" integer NOT NULL, "userId" integer, CONSTRAINT "PK_5a0e79799d372fe56f2f3fa6871" PRIMARY KEY ("id"))`, ); - await queryRunner.query( - `CREATE TABLE "identity" ("id" SERIAL NOT NULL, "providerType" character varying NOT NULL, "providerIdentifier" text, "createdAt" TIMESTAMP NOT NULL DEFAULT now(), "updatedAt" TIMESTAMP NOT NULL DEFAULT now(), "providerUserId" text, "passwordHash" text, "userId" integer, CONSTRAINT "PK_ff16a44186b286d5e626178f726" PRIMARY KEY ("id"))`, - ); - await queryRunner.query( - `CREATE TABLE "public_auth_token" ("id" SERIAL NOT NULL, "keyId" character varying NOT NULL, "label" character varying NOT NULL, "createdAt" TIMESTAMP NOT NULL DEFAULT now(), "hash" character varying NOT NULL, "validUntil" TIMESTAMP NOT NULL, "lastUsedAt" date, "userId" integer, CONSTRAINT "UQ_b4c4b9179f72ef63c32248e83ab" UNIQUE ("keyId"), CONSTRAINT "UQ_6450514886fa4182c889c076df6" UNIQUE ("hash"), CONSTRAINT "PK_1bdb7c2d237fb02d84fa75f48a5" PRIMARY KEY ("id"))`, - ); await queryRunner.query( `CREATE TABLE "user" ("id" SERIAL NOT NULL, "username" character varying NOT NULL, "displayName" character varying NOT NULL, "createdAt" TIMESTAMP NOT NULL DEFAULT now(), "updatedAt" TIMESTAMP NOT NULL DEFAULT now(), "photo" text, "email" text, CONSTRAINT "UQ_78a916df40e02a9deb1c4b75edb" UNIQUE ("username"), CONSTRAINT "PK_cace4a159ff9f2512dd42373760" PRIMARY KEY ("id"))`, ); await queryRunner.query( - `CREATE TABLE "group" ("id" SERIAL NOT NULL, "name" character varying NOT NULL, "displayName" character varying NOT NULL, "special" boolean NOT NULL, CONSTRAINT "UQ_8a45300fd825918f3b40195fbdc" UNIQUE ("name"), CONSTRAINT "PK_256aa0fda9b1de1a73ee0b7106b" PRIMARY KEY ("id"))`, + `CREATE TABLE "identity" ("id" SERIAL NOT NULL, "providerType" character varying NOT NULL, "providerIdentifier" text, "createdAt" TIMESTAMP NOT NULL DEFAULT now(), "updatedAt" TIMESTAMP NOT NULL DEFAULT now(), "providerUserId" text, "passwordHash" text, "userId" integer, CONSTRAINT "PK_ff16a44186b286d5e626178f726" PRIMARY KEY ("id"))`, + ); + await queryRunner.query( + `CREATE TABLE "group_members_user" ("groupId" integer NOT NULL, "userId" integer NOT NULL, CONSTRAINT "PK_7170c9a27e7b823d391d9e11f2e" PRIMARY KEY ("groupId", "userId"))`, + ); + await queryRunner.query( + `CREATE INDEX "IDX_bfa303089d367a2e3c02b002b8" ON "group_members_user" ("groupId") `, + ); + await queryRunner.query( + `CREATE INDEX "IDX_427107c650638bcb2f1e167d2e" ON "group_members_user" ("userId") `, ); await queryRunner.query( `CREATE TABLE "revision_tags_tag" ("revisionId" integer NOT NULL, "tagId" integer NOT NULL, CONSTRAINT "PK_006354d3ecad6cb1e606320647b" PRIMARY KEY ("revisionId", "tagId"))`, @@ -80,13 +94,7 @@ export class Init1726084117959 implements MigrationInterface { `CREATE INDEX "IDX_470886feb50e30114e39c42698" ON "revision_edits_edit" ("editId") `, ); await queryRunner.query( - `CREATE TABLE "group_members_user" ("groupId" integer NOT NULL, "userId" integer NOT NULL, CONSTRAINT "PK_7170c9a27e7b823d391d9e11f2e" PRIMARY KEY ("groupId", "userId"))`, - ); - await queryRunner.query( - `CREATE INDEX "IDX_bfa303089d367a2e3c02b002b8" ON "group_members_user" ("groupId") `, - ); - await queryRunner.query( - `CREATE INDEX "IDX_427107c650638bcb2f1e167d2e" ON "group_members_user" ("userId") `, + `ALTER TABLE "api_token" ADD CONSTRAINT "FK_cbfc4e2b85b78207afb0b2d7fbc" FOREIGN KEY ("userId") REFERENCES "user"("id") ON DELETE CASCADE ON UPDATE NO ACTION`, ); await queryRunner.query( `ALTER TABLE "history_entry" ADD CONSTRAINT "FK_42b8ae461cb58747a24340e6c64" FOREIGN KEY ("userId") REFERENCES "user"("id") ON DELETE CASCADE ON UPDATE NO ACTION`, @@ -134,7 +142,10 @@ export class Init1726084117959 implements MigrationInterface { `ALTER TABLE "identity" ADD CONSTRAINT "FK_12915039d2868ab654567bf5181" FOREIGN KEY ("userId") REFERENCES "user"("id") ON DELETE CASCADE ON UPDATE NO ACTION`, ); await queryRunner.query( - `ALTER TABLE "public_auth_token" ADD CONSTRAINT "FK_b7b4f28eb8b4a0fc443448b9054" FOREIGN KEY ("userId") REFERENCES "user"("id") ON DELETE CASCADE ON UPDATE NO ACTION`, + `ALTER TABLE "group_members_user" ADD CONSTRAINT "FK_bfa303089d367a2e3c02b002b8f" FOREIGN KEY ("groupId") REFERENCES "group"("id") ON DELETE CASCADE ON UPDATE CASCADE`, + ); + await queryRunner.query( + `ALTER TABLE "group_members_user" ADD CONSTRAINT "FK_427107c650638bcb2f1e167d2e5" FOREIGN KEY ("userId") REFERENCES "user"("id") ON DELETE NO ACTION ON UPDATE NO ACTION`, ); await queryRunner.query( `ALTER TABLE "revision_tags_tag" ADD CONSTRAINT "FK_3382f45eefeb40f91e45cfd4180" FOREIGN KEY ("revisionId") REFERENCES "revision"("id") ON DELETE CASCADE ON UPDATE CASCADE`, @@ -148,21 +159,9 @@ export class Init1726084117959 implements MigrationInterface { await queryRunner.query( `ALTER TABLE "revision_edits_edit" ADD CONSTRAINT "FK_470886feb50e30114e39c426987" FOREIGN KEY ("editId") REFERENCES "edit"("id") ON DELETE NO ACTION ON UPDATE NO ACTION`, ); - await queryRunner.query( - `ALTER TABLE "group_members_user" ADD CONSTRAINT "FK_bfa303089d367a2e3c02b002b8f" FOREIGN KEY ("groupId") REFERENCES "group"("id") ON DELETE CASCADE ON UPDATE CASCADE`, - ); - await queryRunner.query( - `ALTER TABLE "group_members_user" ADD CONSTRAINT "FK_427107c650638bcb2f1e167d2e5" FOREIGN KEY ("userId") REFERENCES "user"("id") ON DELETE NO ACTION ON UPDATE NO ACTION`, - ); } public async down(queryRunner: QueryRunner): Promise { - await queryRunner.query( - `ALTER TABLE "group_members_user" DROP CONSTRAINT "FK_427107c650638bcb2f1e167d2e5"`, - ); - await queryRunner.query( - `ALTER TABLE "group_members_user" DROP CONSTRAINT "FK_bfa303089d367a2e3c02b002b8f"`, - ); await queryRunner.query( `ALTER TABLE "revision_edits_edit" DROP CONSTRAINT "FK_470886feb50e30114e39c426987"`, ); @@ -176,7 +175,10 @@ export class Init1726084117959 implements MigrationInterface { `ALTER TABLE "revision_tags_tag" DROP CONSTRAINT "FK_3382f45eefeb40f91e45cfd4180"`, ); await queryRunner.query( - `ALTER TABLE "public_auth_token" DROP CONSTRAINT "FK_b7b4f28eb8b4a0fc443448b9054"`, + `ALTER TABLE "group_members_user" DROP CONSTRAINT "FK_427107c650638bcb2f1e167d2e5"`, + ); + await queryRunner.query( + `ALTER TABLE "group_members_user" DROP CONSTRAINT "FK_bfa303089d367a2e3c02b002b8f"`, ); await queryRunner.query( `ALTER TABLE "identity" DROP CONSTRAINT "FK_12915039d2868ab654567bf5181"`, @@ -224,12 +226,8 @@ export class Init1726084117959 implements MigrationInterface { `ALTER TABLE "history_entry" DROP CONSTRAINT "FK_42b8ae461cb58747a24340e6c64"`, ); await queryRunner.query( - `DROP INDEX "public"."IDX_427107c650638bcb2f1e167d2e"`, + `ALTER TABLE "api_token" DROP CONSTRAINT "FK_cbfc4e2b85b78207afb0b2d7fbc"`, ); - await queryRunner.query( - `DROP INDEX "public"."IDX_bfa303089d367a2e3c02b002b8"`, - ); - await queryRunner.query(`DROP TABLE "group_members_user"`); await queryRunner.query( `DROP INDEX "public"."IDX_470886feb50e30114e39c42698"`, ); @@ -244,10 +242,15 @@ export class Init1726084117959 implements MigrationInterface { `DROP INDEX "public"."IDX_3382f45eefeb40f91e45cfd418"`, ); await queryRunner.query(`DROP TABLE "revision_tags_tag"`); - await queryRunner.query(`DROP TABLE "group"`); - await queryRunner.query(`DROP TABLE "user"`); - await queryRunner.query(`DROP TABLE "public_auth_token"`); + await queryRunner.query( + `DROP INDEX "public"."IDX_427107c650638bcb2f1e167d2e"`, + ); + await queryRunner.query( + `DROP INDEX "public"."IDX_bfa303089d367a2e3c02b002b8"`, + ); + await queryRunner.query(`DROP TABLE "group_members_user"`); await queryRunner.query(`DROP TABLE "identity"`); + await queryRunner.query(`DROP TABLE "user"`); await queryRunner.query(`DROP TABLE "author"`); await queryRunner.query( `DROP INDEX "public"."IDX_28c5d1d16da7908c97c9bc2f74"`, @@ -266,10 +269,12 @@ export class Init1726084117959 implements MigrationInterface { `DROP INDEX "public"."IDX_ee1744842a9ef3ffbc05a7016a"`, ); await queryRunner.query(`DROP TABLE "note_group_permission"`); + await queryRunner.query(`DROP TABLE "group"`); await queryRunner.query(`DROP TABLE "media_upload"`); await queryRunner.query( `DROP INDEX "public"."IDX_928dd947355b0837366470a916"`, ); await queryRunner.query(`DROP TABLE "history_entry"`); + await queryRunner.query(`DROP TABLE "api_token"`); } } diff --git a/backend/src/migrations/sqlite-1726084595852-init.ts b/backend/src/migrations/sqlite-1726271503150-init.ts similarity index 93% rename from backend/src/migrations/sqlite-1726084595852-init.ts rename to backend/src/migrations/sqlite-1726271503150-init.ts index 116d8c9e3..caef476cf 100644 --- a/backend/src/migrations/sqlite-1726084595852-init.ts +++ b/backend/src/migrations/sqlite-1726271503150-init.ts @@ -1,9 +1,17 @@ +/* + * SPDX-FileCopyrightText: 2024 The HedgeDoc developers (see AUTHORS file) + * + * SPDX-License-Identifier: AGPL-3.0-only + */ import { MigrationInterface, QueryRunner } from 'typeorm'; -export class Init1726084595852 implements MigrationInterface { - name = 'Init1726084595852'; +export class Init1726271503150 implements MigrationInterface { + name = 'Init1726271503150'; public async up(queryRunner: QueryRunner): Promise { + await queryRunner.query( + `CREATE TABLE "api_token" ("id" integer PRIMARY KEY AUTOINCREMENT NOT NULL, "keyId" varchar NOT NULL, "label" varchar NOT NULL, "createdAt" datetime NOT NULL DEFAULT (datetime('now')), "hash" varchar NOT NULL, "validUntil" datetime NOT NULL, "lastUsedAt" date, "userId" integer, CONSTRAINT "UQ_3e254e2eb542a65da7c405d0683" UNIQUE ("keyId"), CONSTRAINT "UQ_60221392192b32c7560c128a6fa" UNIQUE ("hash"))`, + ); await queryRunner.query( `CREATE TABLE "history_entry" ("id" integer PRIMARY KEY AUTOINCREMENT NOT NULL, "pinStatus" boolean NOT NULL, "updatedAt" datetime NOT NULL DEFAULT (datetime('now')), "userId" integer, "noteId" integer)`, ); @@ -13,6 +21,9 @@ export class Init1726084595852 implements MigrationInterface { await queryRunner.query( `CREATE TABLE "media_upload" ("uuid" varchar PRIMARY KEY NOT NULL, "fileName" varchar NOT NULL, "backendType" varchar NOT NULL, "backendData" text, "createdAt" datetime NOT NULL DEFAULT (datetime('now')), "noteId" integer, "userId" integer)`, ); + await queryRunner.query( + `CREATE TABLE "group" ("id" integer PRIMARY KEY AUTOINCREMENT NOT NULL, "name" varchar NOT NULL, "displayName" varchar NOT NULL, "special" boolean NOT NULL, CONSTRAINT "UQ_8a45300fd825918f3b40195fbdc" UNIQUE ("name"))`, + ); await queryRunner.query( `CREATE TABLE "note_group_permission" ("id" integer PRIMARY KEY AUTOINCREMENT NOT NULL, "canEdit" boolean NOT NULL, "groupId" integer, "noteId" integer)`, ); @@ -49,17 +60,20 @@ export class Init1726084595852 implements MigrationInterface { await queryRunner.query( `CREATE TABLE "author" ("id" integer PRIMARY KEY AUTOINCREMENT NOT NULL, "color" integer NOT NULL, "userId" integer)`, ); - await queryRunner.query( - `CREATE TABLE "identity" ("id" integer PRIMARY KEY AUTOINCREMENT NOT NULL, "providerType" varchar NOT NULL, "providerIdentifier" text, "createdAt" datetime NOT NULL DEFAULT (datetime('now')), "updatedAt" datetime NOT NULL DEFAULT (datetime('now')), "providerUserId" text, "passwordHash" text, "userId" integer)`, - ); - await queryRunner.query( - `CREATE TABLE "public_auth_token" ("id" integer PRIMARY KEY AUTOINCREMENT NOT NULL, "keyId" varchar NOT NULL, "label" varchar NOT NULL, "createdAt" datetime NOT NULL DEFAULT (datetime('now')), "hash" varchar NOT NULL, "validUntil" datetime NOT NULL, "lastUsedAt" date, "userId" integer, CONSTRAINT "UQ_b4c4b9179f72ef63c32248e83ab" UNIQUE ("keyId"), CONSTRAINT "UQ_6450514886fa4182c889c076df6" UNIQUE ("hash"))`, - ); await queryRunner.query( `CREATE TABLE "user" ("id" integer PRIMARY KEY AUTOINCREMENT NOT NULL, "username" varchar NOT NULL, "displayName" varchar NOT NULL, "createdAt" datetime NOT NULL DEFAULT (datetime('now')), "updatedAt" datetime NOT NULL DEFAULT (datetime('now')), "photo" text, "email" text, CONSTRAINT "UQ_78a916df40e02a9deb1c4b75edb" UNIQUE ("username"))`, ); await queryRunner.query( - `CREATE TABLE "group" ("id" integer PRIMARY KEY AUTOINCREMENT NOT NULL, "name" varchar NOT NULL, "displayName" varchar NOT NULL, "special" boolean NOT NULL, CONSTRAINT "UQ_8a45300fd825918f3b40195fbdc" UNIQUE ("name"))`, + `CREATE TABLE "identity" ("id" integer PRIMARY KEY AUTOINCREMENT NOT NULL, "providerType" varchar NOT NULL, "providerIdentifier" text, "createdAt" datetime NOT NULL DEFAULT (datetime('now')), "updatedAt" datetime NOT NULL DEFAULT (datetime('now')), "providerUserId" text, "passwordHash" text, "userId" integer)`, + ); + await queryRunner.query( + `CREATE TABLE "group_members_user" ("groupId" integer NOT NULL, "userId" integer NOT NULL, PRIMARY KEY ("groupId", "userId"))`, + ); + await queryRunner.query( + `CREATE INDEX "IDX_bfa303089d367a2e3c02b002b8" ON "group_members_user" ("groupId") `, + ); + await queryRunner.query( + `CREATE INDEX "IDX_427107c650638bcb2f1e167d2e" ON "group_members_user" ("userId") `, ); await queryRunner.query( `CREATE TABLE "revision_tags_tag" ("revisionId" integer NOT NULL, "tagId" integer NOT NULL, PRIMARY KEY ("revisionId", "tagId"))`, @@ -80,13 +94,14 @@ export class Init1726084595852 implements MigrationInterface { `CREATE INDEX "IDX_470886feb50e30114e39c42698" ON "revision_edits_edit" ("editId") `, ); await queryRunner.query( - `CREATE TABLE "group_members_user" ("groupId" integer NOT NULL, "userId" integer NOT NULL, PRIMARY KEY ("groupId", "userId"))`, + `CREATE TABLE "temporary_api_token" ("id" integer PRIMARY KEY AUTOINCREMENT NOT NULL, "keyId" varchar NOT NULL, "label" varchar NOT NULL, "createdAt" datetime NOT NULL DEFAULT (datetime('now')), "hash" varchar NOT NULL, "validUntil" datetime NOT NULL, "lastUsedAt" date, "userId" integer, CONSTRAINT "UQ_3e254e2eb542a65da7c405d0683" UNIQUE ("keyId"), CONSTRAINT "UQ_60221392192b32c7560c128a6fa" UNIQUE ("hash"), CONSTRAINT "FK_cbfc4e2b85b78207afb0b2d7fbc" FOREIGN KEY ("userId") REFERENCES "user" ("id") ON DELETE CASCADE ON UPDATE NO ACTION)`, ); await queryRunner.query( - `CREATE INDEX "IDX_bfa303089d367a2e3c02b002b8" ON "group_members_user" ("groupId") `, + `INSERT INTO "temporary_api_token"("id", "keyId", "label", "createdAt", "hash", "validUntil", "lastUsedAt", "userId") SELECT "id", "keyId", "label", "createdAt", "hash", "validUntil", "lastUsedAt", "userId" FROM "api_token"`, ); + await queryRunner.query(`DROP TABLE "api_token"`); await queryRunner.query( - `CREATE INDEX "IDX_427107c650638bcb2f1e167d2e" ON "group_members_user" ("userId") `, + `ALTER TABLE "temporary_api_token" RENAME TO "api_token"`, ); await queryRunner.query(`DROP INDEX "IDX_928dd947355b0837366470a916"`); await queryRunner.query( @@ -208,15 +223,23 @@ export class Init1726084595852 implements MigrationInterface { await queryRunner.query( `ALTER TABLE "temporary_identity" RENAME TO "identity"`, ); + await queryRunner.query(`DROP INDEX "IDX_bfa303089d367a2e3c02b002b8"`); + await queryRunner.query(`DROP INDEX "IDX_427107c650638bcb2f1e167d2e"`); await queryRunner.query( - `CREATE TABLE "temporary_public_auth_token" ("id" integer PRIMARY KEY AUTOINCREMENT NOT NULL, "keyId" varchar NOT NULL, "label" varchar NOT NULL, "createdAt" datetime NOT NULL DEFAULT (datetime('now')), "hash" varchar NOT NULL, "validUntil" datetime NOT NULL, "lastUsedAt" date, "userId" integer, CONSTRAINT "UQ_b4c4b9179f72ef63c32248e83ab" UNIQUE ("keyId"), CONSTRAINT "UQ_6450514886fa4182c889c076df6" UNIQUE ("hash"), CONSTRAINT "FK_b7b4f28eb8b4a0fc443448b9054" FOREIGN KEY ("userId") REFERENCES "user" ("id") ON DELETE CASCADE ON UPDATE NO ACTION)`, + `CREATE TABLE "temporary_group_members_user" ("groupId" integer NOT NULL, "userId" integer NOT NULL, CONSTRAINT "FK_bfa303089d367a2e3c02b002b8f" FOREIGN KEY ("groupId") REFERENCES "group" ("id") ON DELETE CASCADE ON UPDATE CASCADE, CONSTRAINT "FK_427107c650638bcb2f1e167d2e5" FOREIGN KEY ("userId") REFERENCES "user" ("id") ON DELETE NO ACTION ON UPDATE NO ACTION, PRIMARY KEY ("groupId", "userId"))`, ); await queryRunner.query( - `INSERT INTO "temporary_public_auth_token"("id", "keyId", "label", "createdAt", "hash", "validUntil", "lastUsedAt", "userId") SELECT "id", "keyId", "label", "createdAt", "hash", "validUntil", "lastUsedAt", "userId" FROM "public_auth_token"`, + `INSERT INTO "temporary_group_members_user"("groupId", "userId") SELECT "groupId", "userId" FROM "group_members_user"`, ); - await queryRunner.query(`DROP TABLE "public_auth_token"`); + await queryRunner.query(`DROP TABLE "group_members_user"`); await queryRunner.query( - `ALTER TABLE "temporary_public_auth_token" RENAME TO "public_auth_token"`, + `ALTER TABLE "temporary_group_members_user" RENAME TO "group_members_user"`, + ); + await queryRunner.query( + `CREATE INDEX "IDX_bfa303089d367a2e3c02b002b8" ON "group_members_user" ("groupId") `, + ); + await queryRunner.query( + `CREATE INDEX "IDX_427107c650638bcb2f1e167d2e" ON "group_members_user" ("userId") `, ); await queryRunner.query(`DROP INDEX "IDX_3382f45eefeb40f91e45cfd418"`); await queryRunner.query(`DROP INDEX "IDX_19dbafe2a8b456c0ef40858d49"`); @@ -254,45 +277,9 @@ export class Init1726084595852 implements MigrationInterface { await queryRunner.query( `CREATE INDEX "IDX_470886feb50e30114e39c42698" ON "revision_edits_edit" ("editId") `, ); - await queryRunner.query(`DROP INDEX "IDX_bfa303089d367a2e3c02b002b8"`); - await queryRunner.query(`DROP INDEX "IDX_427107c650638bcb2f1e167d2e"`); - await queryRunner.query( - `CREATE TABLE "temporary_group_members_user" ("groupId" integer NOT NULL, "userId" integer NOT NULL, CONSTRAINT "FK_bfa303089d367a2e3c02b002b8f" FOREIGN KEY ("groupId") REFERENCES "group" ("id") ON DELETE CASCADE ON UPDATE CASCADE, CONSTRAINT "FK_427107c650638bcb2f1e167d2e5" FOREIGN KEY ("userId") REFERENCES "user" ("id") ON DELETE NO ACTION ON UPDATE NO ACTION, PRIMARY KEY ("groupId", "userId"))`, - ); - await queryRunner.query( - `INSERT INTO "temporary_group_members_user"("groupId", "userId") SELECT "groupId", "userId" FROM "group_members_user"`, - ); - await queryRunner.query(`DROP TABLE "group_members_user"`); - await queryRunner.query( - `ALTER TABLE "temporary_group_members_user" RENAME TO "group_members_user"`, - ); - await queryRunner.query( - `CREATE INDEX "IDX_bfa303089d367a2e3c02b002b8" ON "group_members_user" ("groupId") `, - ); - await queryRunner.query( - `CREATE INDEX "IDX_427107c650638bcb2f1e167d2e" ON "group_members_user" ("userId") `, - ); } public async down(queryRunner: QueryRunner): Promise { - await queryRunner.query(`DROP INDEX "IDX_427107c650638bcb2f1e167d2e"`); - await queryRunner.query(`DROP INDEX "IDX_bfa303089d367a2e3c02b002b8"`); - await queryRunner.query( - `ALTER TABLE "group_members_user" RENAME TO "temporary_group_members_user"`, - ); - await queryRunner.query( - `CREATE TABLE "group_members_user" ("groupId" integer NOT NULL, "userId" integer NOT NULL, PRIMARY KEY ("groupId", "userId"))`, - ); - await queryRunner.query( - `INSERT INTO "group_members_user"("groupId", "userId") SELECT "groupId", "userId" FROM "temporary_group_members_user"`, - ); - await queryRunner.query(`DROP TABLE "temporary_group_members_user"`); - await queryRunner.query( - `CREATE INDEX "IDX_427107c650638bcb2f1e167d2e" ON "group_members_user" ("userId") `, - ); - await queryRunner.query( - `CREATE INDEX "IDX_bfa303089d367a2e3c02b002b8" ON "group_members_user" ("groupId") `, - ); await queryRunner.query(`DROP INDEX "IDX_470886feb50e30114e39c42698"`); await queryRunner.query(`DROP INDEX "IDX_52c6a61e1a646768391c7854fe"`); await queryRunner.query( @@ -329,16 +316,24 @@ export class Init1726084595852 implements MigrationInterface { await queryRunner.query( `CREATE INDEX "IDX_3382f45eefeb40f91e45cfd418" ON "revision_tags_tag" ("revisionId") `, ); + await queryRunner.query(`DROP INDEX "IDX_427107c650638bcb2f1e167d2e"`); + await queryRunner.query(`DROP INDEX "IDX_bfa303089d367a2e3c02b002b8"`); await queryRunner.query( - `ALTER TABLE "public_auth_token" RENAME TO "temporary_public_auth_token"`, + `ALTER TABLE "group_members_user" RENAME TO "temporary_group_members_user"`, ); await queryRunner.query( - `CREATE TABLE "public_auth_token" ("id" integer PRIMARY KEY AUTOINCREMENT NOT NULL, "keyId" varchar NOT NULL, "label" varchar NOT NULL, "createdAt" datetime NOT NULL DEFAULT (datetime('now')), "hash" varchar NOT NULL, "validUntil" datetime NOT NULL, "lastUsedAt" date, "userId" integer, CONSTRAINT "UQ_b4c4b9179f72ef63c32248e83ab" UNIQUE ("keyId"), CONSTRAINT "UQ_6450514886fa4182c889c076df6" UNIQUE ("hash"))`, + `CREATE TABLE "group_members_user" ("groupId" integer NOT NULL, "userId" integer NOT NULL, PRIMARY KEY ("groupId", "userId"))`, ); await queryRunner.query( - `INSERT INTO "public_auth_token"("id", "keyId", "label", "createdAt", "hash", "validUntil", "lastUsedAt", "userId") SELECT "id", "keyId", "label", "createdAt", "hash", "validUntil", "lastUsedAt", "userId" FROM "temporary_public_auth_token"`, + `INSERT INTO "group_members_user"("groupId", "userId") SELECT "groupId", "userId" FROM "temporary_group_members_user"`, + ); + await queryRunner.query(`DROP TABLE "temporary_group_members_user"`); + await queryRunner.query( + `CREATE INDEX "IDX_427107c650638bcb2f1e167d2e" ON "group_members_user" ("userId") `, + ); + await queryRunner.query( + `CREATE INDEX "IDX_bfa303089d367a2e3c02b002b8" ON "group_members_user" ("groupId") `, ); - await queryRunner.query(`DROP TABLE "temporary_public_auth_token"`); await queryRunner.query( `ALTER TABLE "identity" RENAME TO "temporary_identity"`, ); @@ -459,19 +454,27 @@ export class Init1726084595852 implements MigrationInterface { await queryRunner.query( `CREATE UNIQUE INDEX "IDX_928dd947355b0837366470a916" ON "history_entry" ("noteId", "userId") `, ); - await queryRunner.query(`DROP INDEX "IDX_427107c650638bcb2f1e167d2e"`); - await queryRunner.query(`DROP INDEX "IDX_bfa303089d367a2e3c02b002b8"`); - await queryRunner.query(`DROP TABLE "group_members_user"`); + await queryRunner.query( + `ALTER TABLE "api_token" RENAME TO "temporary_api_token"`, + ); + await queryRunner.query( + `CREATE TABLE "api_token" ("id" integer PRIMARY KEY AUTOINCREMENT NOT NULL, "keyId" varchar NOT NULL, "label" varchar NOT NULL, "createdAt" datetime NOT NULL DEFAULT (datetime('now')), "hash" varchar NOT NULL, "validUntil" datetime NOT NULL, "lastUsedAt" date, "userId" integer, CONSTRAINT "UQ_3e254e2eb542a65da7c405d0683" UNIQUE ("keyId"), CONSTRAINT "UQ_60221392192b32c7560c128a6fa" UNIQUE ("hash"))`, + ); + await queryRunner.query( + `INSERT INTO "api_token"("id", "keyId", "label", "createdAt", "hash", "validUntil", "lastUsedAt", "userId") SELECT "id", "keyId", "label", "createdAt", "hash", "validUntil", "lastUsedAt", "userId" FROM "temporary_api_token"`, + ); + await queryRunner.query(`DROP TABLE "temporary_api_token"`); await queryRunner.query(`DROP INDEX "IDX_470886feb50e30114e39c42698"`); await queryRunner.query(`DROP INDEX "IDX_52c6a61e1a646768391c7854fe"`); await queryRunner.query(`DROP TABLE "revision_edits_edit"`); await queryRunner.query(`DROP INDEX "IDX_19dbafe2a8b456c0ef40858d49"`); await queryRunner.query(`DROP INDEX "IDX_3382f45eefeb40f91e45cfd418"`); await queryRunner.query(`DROP TABLE "revision_tags_tag"`); - await queryRunner.query(`DROP TABLE "group"`); - await queryRunner.query(`DROP TABLE "user"`); - await queryRunner.query(`DROP TABLE "public_auth_token"`); + await queryRunner.query(`DROP INDEX "IDX_427107c650638bcb2f1e167d2e"`); + await queryRunner.query(`DROP INDEX "IDX_bfa303089d367a2e3c02b002b8"`); + await queryRunner.query(`DROP TABLE "group_members_user"`); await queryRunner.query(`DROP TABLE "identity"`); + await queryRunner.query(`DROP TABLE "user"`); await queryRunner.query(`DROP TABLE "author"`); await queryRunner.query(`DROP INDEX "IDX_28c5d1d16da7908c97c9bc2f74"`); await queryRunner.query(`DROP TABLE "session"`); @@ -484,8 +487,10 @@ export class Init1726084595852 implements MigrationInterface { await queryRunner.query(`DROP TABLE "note_user_permission"`); await queryRunner.query(`DROP INDEX "IDX_ee1744842a9ef3ffbc05a7016a"`); await queryRunner.query(`DROP TABLE "note_group_permission"`); + await queryRunner.query(`DROP TABLE "group"`); await queryRunner.query(`DROP TABLE "media_upload"`); await queryRunner.query(`DROP INDEX "IDX_928dd947355b0837366470a916"`); await queryRunner.query(`DROP TABLE "history_entry"`); + await queryRunner.query(`DROP TABLE "api_token"`); } } diff --git a/backend/src/notes/alias.service.spec.ts b/backend/src/notes/alias.service.spec.ts index 6f65861e1..b87c1d3ad 100644 --- a/backend/src/notes/alias.service.spec.ts +++ b/backend/src/notes/alias.service.spec.ts @@ -10,6 +10,7 @@ import { getRepositoryToken } from '@nestjs/typeorm'; import { Mock } from 'ts-mockery'; import { DataSource, EntityManager, Repository } from 'typeorm'; +import { ApiToken } from '../api-token/api-token.entity'; import { Author } from '../authors/author.entity'; import appConfigMock from '../config/mock/app.config.mock'; import authConfigMock from '../config/mock/auth.config.mock'; @@ -28,7 +29,6 @@ import { Identity } from '../identity/identity.entity'; import { LoggerModule } from '../logger/logger.module'; import { NoteGroupPermission } from '../permissions/note-group-permission.entity'; import { NoteUserPermission } from '../permissions/note-user-permission.entity'; -import { PublicAuthToken } from '../public-auth-token/public-auth-token.entity'; import { RealtimeNoteModule } from '../realtime/realtime-note/realtime-note.module'; import { Edit } from '../revisions/edit.entity'; import { Revision } from '../revisions/revision.entity'; @@ -118,7 +118,7 @@ describe('AliasService', () => { .useValue(aliasRepo) .overrideProvider(getRepositoryToken(User)) .useClass(Repository) - .overrideProvider(getRepositoryToken(PublicAuthToken)) + .overrideProvider(getRepositoryToken(ApiToken)) .useValue({}) .overrideProvider(getRepositoryToken(Identity)) .useValue({}) diff --git a/backend/src/notes/notes.service.spec.ts b/backend/src/notes/notes.service.spec.ts index 04ea08a9a..f68d3623a 100644 --- a/backend/src/notes/notes.service.spec.ts +++ b/backend/src/notes/notes.service.spec.ts @@ -15,6 +15,7 @@ import { Repository, } from 'typeorm'; +import { ApiToken } from '../api-token/api-token.entity'; import { Author } from '../authors/author.entity'; import { DefaultAccessLevel } from '../config/default-access-level.enum'; import appConfigMock from '../config/mock/app.config.mock'; @@ -39,7 +40,6 @@ import { Identity } from '../identity/identity.entity'; import { LoggerModule } from '../logger/logger.module'; import { NoteGroupPermission } from '../permissions/note-group-permission.entity'; import { NoteUserPermission } from '../permissions/note-user-permission.entity'; -import { PublicAuthToken } from '../public-auth-token/public-auth-token.entity'; import { RealtimeNoteModule } from '../realtime/realtime-note/realtime-note.module'; import { Edit } from '../revisions/edit.entity'; import { Revision } from '../revisions/revision.entity'; @@ -194,7 +194,7 @@ describe('NotesService', () => { .useValue(aliasRepo) .overrideProvider(getRepositoryToken(User)) .useValue(userRepo) - .overrideProvider(getRepositoryToken(PublicAuthToken)) + .overrideProvider(getRepositoryToken(ApiToken)) .useValue({}) .overrideProvider(getRepositoryToken(Identity)) .useValue({}) diff --git a/backend/src/permissions/permissions.service.spec.ts b/backend/src/permissions/permissions.service.spec.ts index f1a78e7a6..fb00dd3c9 100644 --- a/backend/src/permissions/permissions.service.spec.ts +++ b/backend/src/permissions/permissions.service.spec.ts @@ -10,6 +10,7 @@ import { getRepositoryToken } from '@nestjs/typeorm'; import { Mock } from 'ts-mockery'; import { DataSource, EntityManager, Repository } from 'typeorm'; +import { ApiToken } from '../api-token/api-token.entity'; import { Author } from '../authors/author.entity'; import { DefaultAccessLevel } from '../config/default-access-level.enum'; import { GuestAccess } from '../config/guest_access.enum'; @@ -37,7 +38,6 @@ import { import { Note } from '../notes/note.entity'; import { NotesModule } from '../notes/notes.module'; import { Tag } from '../notes/tag.entity'; -import { PublicAuthToken } from '../public-auth-token/public-auth-token.entity'; import { Edit } from '../revisions/edit.entity'; import { Revision } from '../revisions/revision.entity'; import { Session } from '../sessions/session.entity'; @@ -162,7 +162,7 @@ describe('PermissionsService', () => { }) .overrideProvider(getRepositoryToken(User)) .useValue(userRepo) - .overrideProvider(getRepositoryToken(PublicAuthToken)) + .overrideProvider(getRepositoryToken(ApiToken)) .useValue({}) .overrideProvider(getRepositoryToken(Identity)) .useValue({}) diff --git a/backend/src/public-auth-token/public-auth-token.module.ts b/backend/src/public-auth-token/public-auth-token.module.ts deleted file mode 100644 index 15c114906..000000000 --- a/backend/src/public-auth-token/public-auth-token.module.ts +++ /dev/null @@ -1,35 +0,0 @@ -/* - * SPDX-FileCopyrightText: 2021 The HedgeDoc developers (see AUTHORS file) - * - * SPDX-License-Identifier: AGPL-3.0-only - */ -import { Module } from '@nestjs/common'; -import { PassportModule } from '@nestjs/passport'; -import { TypeOrmModule } from '@nestjs/typeorm'; - -import { LoggerModule } from '../logger/logger.module'; -import { UsersModule } from '../users/users.module'; -import { MockPublicAuthTokenGuard } from './mock-public-auth-token-guard.service'; -import { PublicAuthToken } from './public-auth-token.entity'; -import { PublicAuthTokenService } from './public-auth-token.service'; -import { - PublicAuthTokenGuard, - PublicAuthTokenStrategy, -} from './public-auth-token.strategy'; - -@Module({ - imports: [ - UsersModule, - PassportModule, - LoggerModule, - TypeOrmModule.forFeature([PublicAuthToken]), - ], - providers: [ - PublicAuthTokenService, - PublicAuthTokenStrategy, - MockPublicAuthTokenGuard, - PublicAuthTokenGuard, - ], - exports: [PublicAuthTokenService], -}) -export class PublicAuthTokenModule {} diff --git a/backend/src/public-auth-token/public-auth-token.strategy.ts b/backend/src/public-auth-token/public-auth-token.strategy.ts deleted file mode 100644 index 36ee05f61..000000000 --- a/backend/src/public-auth-token/public-auth-token.strategy.ts +++ /dev/null @@ -1,39 +0,0 @@ -/* - * SPDX-FileCopyrightText: 2024 The HedgeDoc developers (see AUTHORS file) - * - * SPDX-License-Identifier: AGPL-3.0-only - */ -import { Injectable, UnauthorizedException } from '@nestjs/common'; -import { AuthGuard, PassportStrategy } from '@nestjs/passport'; -import { Strategy } from 'passport-http-bearer'; - -import { NotInDBError, TokenNotValidError } from '../errors/errors'; -import { User } from '../users/user.entity'; -import { PublicAuthTokenService } from './public-auth-token.service'; - -@Injectable() -export class PublicAuthTokenGuard extends AuthGuard('token') {} - -@Injectable() -export class PublicAuthTokenStrategy extends PassportStrategy( - Strategy, - 'token', -) { - constructor(private authService: PublicAuthTokenService) { - super(); - } - - async validate(token: string): Promise { - try { - return await this.authService.validateToken(token); - } catch (error) { - if ( - error instanceof NotInDBError || - error instanceof TokenNotValidError - ) { - throw new UnauthorizedException(error.message); - } - throw error; - } - } -} diff --git a/backend/src/realtime/websocket/websocket.gateway.spec.ts b/backend/src/realtime/websocket/websocket.gateway.spec.ts index df5e6f795..87be86a0b 100644 --- a/backend/src/realtime/websocket/websocket.gateway.spec.ts +++ b/backend/src/realtime/websocket/websocket.gateway.spec.ts @@ -13,6 +13,7 @@ import { Mock } from 'ts-mockery'; import { Repository } from 'typeorm'; import WebSocket from 'ws'; +import { ApiToken } from '../../api-token/api-token.entity'; import { Author } from '../../authors/author.entity'; import appConfigMock from '../../config/mock/app.config.mock'; import authConfigMock from '../../config/mock/auth.config.mock'; @@ -32,7 +33,6 @@ import { NotePermission } from '../../permissions/note-permission.enum'; import { NoteUserPermission } from '../../permissions/note-user-permission.entity'; import { PermissionsModule } from '../../permissions/permissions.module'; import { PermissionsService } from '../../permissions/permissions.service'; -import { PublicAuthToken } from '../../public-auth-token/public-auth-token.entity'; import { Edit } from '../../revisions/edit.entity'; import { Revision } from '../../revisions/revision.entity'; import { Session } from '../../sessions/session.entity'; @@ -122,7 +122,7 @@ describe('Websocket gateway', () => { }) .overrideProvider(getRepositoryToken(User)) .useClass(Repository) - .overrideProvider(getRepositoryToken(PublicAuthToken)) + .overrideProvider(getRepositoryToken(ApiToken)) .useValue({}) .overrideProvider(getRepositoryToken(Identity)) .useValue({}) diff --git a/backend/src/revisions/revisions.service.spec.ts b/backend/src/revisions/revisions.service.spec.ts index 2bc460ada..f8964165e 100644 --- a/backend/src/revisions/revisions.service.spec.ts +++ b/backend/src/revisions/revisions.service.spec.ts @@ -10,6 +10,7 @@ import { getRepositoryToken } from '@nestjs/typeorm'; import { Mock } from 'ts-mockery'; import { Repository } from 'typeorm'; +import { ApiToken } from '../api-token/api-token.entity'; import { Author } from '../authors/author.entity'; import appConfigMock from '../config/mock/app.config.mock'; import authConfigMock from '../config/mock/auth.config.mock'; @@ -26,7 +27,6 @@ import { NotesModule } from '../notes/notes.module'; import { Tag } from '../notes/tag.entity'; import { NoteGroupPermission } from '../permissions/note-group-permission.entity'; import { NoteUserPermission } from '../permissions/note-user-permission.entity'; -import { PublicAuthToken } from '../public-auth-token/public-auth-token.entity'; import { Session } from '../sessions/session.entity'; import { User } from '../users/user.entity'; import { Edit } from './edit.entity'; @@ -67,7 +67,7 @@ describe('RevisionsService', () => { .useValue({}) .overrideProvider(getRepositoryToken(User)) .useValue({}) - .overrideProvider(getRepositoryToken(PublicAuthToken)) + .overrideProvider(getRepositoryToken(ApiToken)) .useValue({}) .overrideProvider(getRepositoryToken(Identity)) .useValue({}) diff --git a/backend/src/seed.ts b/backend/src/seed.ts index 1c9b46dea..1316e6dbe 100644 --- a/backend/src/seed.ts +++ b/backend/src/seed.ts @@ -5,6 +5,7 @@ */ import { DataSource } from 'typeorm'; +import { ApiToken } from './api-token/api-token.entity'; import { Author } from './authors/author.entity'; import { Group } from './groups/group.entity'; import { HistoryEntry } from './history/history-entry.entity'; @@ -16,7 +17,6 @@ import { Note } from './notes/note.entity'; import { Tag } from './notes/tag.entity'; import { NoteGroupPermission } from './permissions/note-group-permission.entity'; import { NoteUserPermission } from './permissions/note-user-permission.entity'; -import { PublicAuthToken } from './public-auth-token/public-auth-token.entity'; import { Edit } from './revisions/edit.entity'; import { Revision } from './revisions/revision.entity'; import { Session } from './sessions/session.entity'; @@ -40,7 +40,7 @@ const dataSource = new DataSource({ HistoryEntry, MediaUpload, Tag, - PublicAuthToken, + ApiToken, Identity, Author, Session, diff --git a/backend/src/users/user.entity.ts b/backend/src/users/user.entity.ts index abb09033e..1b683451d 100644 --- a/backend/src/users/user.entity.ts +++ b/backend/src/users/user.entity.ts @@ -13,13 +13,13 @@ import { UpdateDateColumn, } from 'typeorm'; +import { ApiToken } from '../api-token/api-token.entity'; import { Author } from '../authors/author.entity'; import { Group } from '../groups/group.entity'; import { HistoryEntry } from '../history/history-entry.entity'; import { Identity } from '../identity/identity.entity'; import { MediaUpload } from '../media/media-upload.entity'; import { Note } from '../notes/note.entity'; -import { PublicAuthToken } from '../public-auth-token/public-auth-token.entity'; import { Username } from '../utils/username'; @Entity() @@ -56,8 +56,8 @@ export class User { @OneToMany((_) => Note, (note) => note.owner) ownedNotes: Promise; - @OneToMany((_) => PublicAuthToken, (authToken) => authToken.user) - publicAuthTokens: Promise; + @OneToMany((_) => ApiToken, (apiToken) => apiToken.user) + apiTokens: Promise; @OneToMany((_) => Identity, (identity) => identity.user) identities: Promise; @@ -89,7 +89,7 @@ export class User { newUser.photo = photoUrl ?? null; newUser.email = email ?? null; newUser.ownedNotes = Promise.resolve([]); - newUser.publicAuthTokens = Promise.resolve([]); + newUser.apiTokens = Promise.resolve([]); newUser.identities = Promise.resolve([]); newUser.groups = Promise.resolve([]); newUser.historyEntries = Promise.resolve([]); diff --git a/backend/test/test-setup.ts b/backend/test/test-setup.ts index fda3ed388..82b36e6b4 100644 --- a/backend/test/test-setup.ts +++ b/backend/test/test-setup.ts @@ -11,6 +11,11 @@ import { Test, TestingModule, TestingModuleBuilder } from '@nestjs/testing'; import { TypeOrmModule, TypeOrmModuleOptions } from '@nestjs/typeorm'; import { Connection, createConnection } from 'typeorm'; +import { ApiTokenWithSecretDto } from '../src/api-token/api-token.dto'; +import { ApiTokenGuard } from '../src/api-token/api-token.guard'; +import { ApiTokenModule } from '../src/api-token/api-token.module'; +import { ApiTokenService } from '../src/api-token/api-token.service'; +import { MockApiTokenGuard } from '../src/api-token/mock-api-token.guard'; import { PrivateApiModule } from '../src/api/private/private-api.module'; import { PublicApiModule } from '../src/api/public/public-api.module'; import { setupApp } from '../src/app-init'; @@ -73,11 +78,6 @@ import { NotesModule } from '../src/notes/notes.module'; import { NotesService } from '../src/notes/notes.service'; import { PermissionsModule } from '../src/permissions/permissions.module'; import { PermissionsService } from '../src/permissions/permissions.service'; -import { MockPublicAuthTokenGuard } from '../src/public-auth-token/mock-public-auth-token-guard.service'; -import { PublicAuthTokenWithSecretDto } from '../src/public-auth-token/public-auth-token.dto'; -import { PublicAuthTokenModule } from '../src/public-auth-token/public-auth-token.module'; -import { PublicAuthTokenService } from '../src/public-auth-token/public-auth-token.service'; -import { PublicAuthTokenGuard } from '../src/public-auth-token/public-auth-token.strategy'; import { RevisionsModule } from '../src/revisions/revisions.module'; import { RevisionsService } from '../src/revisions/revisions.service'; import { SessionModule } from '../src/sessions/session.module'; @@ -111,12 +111,12 @@ export class TestSetup { mediaService: MediaService; historyService: HistoryService; aliasService: AliasService; - publicAuthTokenService: PublicAuthTokenService; + publicAuthTokenService: ApiTokenService; sessionService: SessionService; revisionsService: RevisionsService; users: User[] = []; - authTokens: PublicAuthTokenWithSecretDto[] = []; + authTokens: ApiTokenWithSecretDto[] = []; anonymousNotes: Note[] = []; ownedNotes: Note[] = []; permissionsService: PermissionsService; @@ -294,7 +294,7 @@ export class TestSetupBuilder { GroupsModule, LoggerModule, MediaModule, - PublicAuthTokenModule, + ApiTokenModule, FrontendConfigModule, IdentityModule, SessionModule, @@ -341,9 +341,7 @@ export class TestSetupBuilder { this.testSetup.aliasService = this.testSetup.moduleRef.get(AliasService); this.testSetup.publicAuthTokenService = - this.testSetup.moduleRef.get( - PublicAuthTokenService, - ); + this.testSetup.moduleRef.get(ApiTokenService); this.testSetup.permissionsService = this.testSetup.moduleRef.get(PermissionsService); this.testSetup.sessionService = @@ -377,8 +375,8 @@ export class TestSetupBuilder { public withMockAuth() { this.setupPreCompile.push(async () => { this.testingModuleBuilder - .overrideGuard(PublicAuthTokenGuard) - .useClass(MockPublicAuthTokenGuard); + .overrideGuard(ApiTokenGuard) + .useClass(MockApiTokenGuard); return await Promise.resolve(); }); return this; diff --git a/yarn.lock b/yarn.lock index a928bb1e2..6e47123c3 100644 --- a/yarn.lock +++ b/yarn.lock @@ -2500,7 +2500,6 @@ __metadata: "@nestjs/config": "npm:3.2.3" "@nestjs/core": "npm:10.4.1" "@nestjs/event-emitter": "npm:2.0.4" - "@nestjs/passport": "npm:10.0.3" "@nestjs/platform-express": "npm:10.4.1" "@nestjs/platform-ws": "npm:10.4.1" "@nestjs/schedule": "npm:4.1.0" @@ -2523,8 +2522,6 @@ __metadata: "@types/mysql": "npm:2.15.25" "@types/node": "npm:20.16.2" "@types/node-fetch": "npm:2.6.11" - "@types/passport-http-bearer": "npm:1.0.41" - "@types/passport-local": "npm:1.0.38" "@types/pg": "npm:8.11.0" "@types/source-map-support": "npm:0.5.10" "@types/supertest": "npm:2.0.16" @@ -2560,10 +2557,6 @@ __metadata: mysql: "npm:2.18.1" node-fetch: "npm:2.7.0" openid-client: "npm:5.6.5" - passport: "npm:0.7.0" - passport-custom: "npm:1.1.1" - passport-http-bearer: "npm:1.0.1" - passport-local: "npm:1.0.0" pg: "npm:8.12.0" prettier: "npm:3.3.3" raw-body: "npm:3.0.0" @@ -3804,16 +3797,6 @@ __metadata: languageName: node linkType: hard -"@nestjs/passport@npm:10.0.3": - version: 10.0.3 - resolution: "@nestjs/passport@npm:10.0.3" - peerDependencies: - "@nestjs/common": ^8.0.0 || ^9.0.0 || ^10.0.0 - passport: ^0.4.0 || ^0.5.0 || ^0.6.0 || ^0.7.0 - checksum: 10c0/9e8a6103407852951625e75d0abd82a0f9786d4f27fc7036731ccbac39cbdb4e597a7313e53a266bb1fe1ec36c5193365abeb3264f5d285ba0aaeb23ee8e3f1b - languageName: node - linkType: hard - "@nestjs/platform-express@npm:10.4.1": version: 10.4.1 resolution: "@nestjs/platform-express@npm:10.4.1" @@ -4888,15 +4871,6 @@ __metadata: languageName: node linkType: hard -"@types/accepts@npm:*": - version: 1.3.7 - resolution: "@types/accepts@npm:1.3.7" - dependencies: - "@types/node": "npm:*" - checksum: 10c0/7b21efc78b98ed57063ac31588f871f11501c080cd1201ca3743cf02ee0aee74bdb5a634183bc0987dc8dc582b26316789fd203650319ccc89a66cf88311d64f - languageName: node - linkType: hard - "@types/aria-query@npm:^5.0.1": version: 5.0.4 resolution: "@types/aria-query@npm:5.0.4" @@ -4971,13 +4945,6 @@ __metadata: languageName: node linkType: hard -"@types/content-disposition@npm:*": - version: 0.5.8 - resolution: "@types/content-disposition@npm:0.5.8" - checksum: 10c0/f10baeab2ec44579012c1170763851687e740ea30531a80cd7a403475730ce7d7ead4f88927cea6970cc2d5e74fa7af38cdf4f039c5f115fba1bb98ec0014977 - languageName: node - linkType: hard - "@types/cookie-signature@npm:1.1.2": version: 1.1.2 resolution: "@types/cookie-signature@npm:1.1.2" @@ -5001,18 +4968,6 @@ __metadata: languageName: node linkType: hard -"@types/cookies@npm:*": - version: 0.9.0 - resolution: "@types/cookies@npm:0.9.0" - dependencies: - "@types/connect": "npm:*" - "@types/express": "npm:*" - "@types/keygrip": "npm:*" - "@types/node": "npm:*" - checksum: 10c0/ce95c1968532af674185efd4092cbdec8d5d3bda72f729e512bf37fa77877f466ad4bd5f00fca299f94c6e3d2a3875744ae5a705ffc5113183f5e46b76d8846a - languageName: node - linkType: hard - "@types/d3-color@npm:^1": version: 1.4.5 resolution: "@types/d3-color@npm:1.4.5" @@ -5145,13 +5100,6 @@ __metadata: languageName: node linkType: hard -"@types/http-assert@npm:*": - version: 1.5.5 - resolution: "@types/http-assert@npm:1.5.5" - checksum: 10c0/02e7ba584d6d14bdb4dad05dd36ecbc4a2f4209472287e6d558e222c93182214445a0c6cd096f114bfc88446be03d82ef6db24ecda13922b0d697918c76b4067 - languageName: node - linkType: hard - "@types/http-errors@npm:*": version: 2.0.4 resolution: "@types/http-errors@npm:2.0.4" @@ -5240,38 +5188,6 @@ __metadata: languageName: node linkType: hard -"@types/keygrip@npm:*": - version: 1.0.6 - resolution: "@types/keygrip@npm:1.0.6" - checksum: 10c0/1045a79913259f539ac1d04384ea8f61cf29f1d299040eb4b67d92304ec3bcea59b7e4b83cf95a73aa251ff62e55924e380d0c563a21fe8f6e91de20cc610386 - languageName: node - linkType: hard - -"@types/koa-compose@npm:*": - version: 3.2.8 - resolution: "@types/koa-compose@npm:3.2.8" - dependencies: - "@types/koa": "npm:*" - checksum: 10c0/f2bfb7376c1e9075e8df7a46a5fce073159b01b94ec7dcca6e9f68627d48ea86a726bcfbd06491e1c99f68c0f27b8174b498081f9a3e4f976694452b5d0b5f01 - languageName: node - linkType: hard - -"@types/koa@npm:*": - version: 2.15.0 - resolution: "@types/koa@npm:2.15.0" - dependencies: - "@types/accepts": "npm:*" - "@types/content-disposition": "npm:*" - "@types/cookies": "npm:*" - "@types/http-assert": "npm:*" - "@types/http-errors": "npm:*" - "@types/keygrip": "npm:*" - "@types/koa-compose": "npm:*" - "@types/node": "npm:*" - checksum: 10c0/3fd591e25ecffc32ffa7cb152d2c5caeccefe5a72cb09d187102d8f41101bdaeeb802a07a6672eac58f805fa59892e79c1cc203ca7b27b0de75d7eac508c2b47 - languageName: node - linkType: hard - "@types/linkify-it@npm:*": version: 3.0.5 resolution: "@types/linkify-it@npm:3.0.5" @@ -5377,47 +5293,6 @@ __metadata: languageName: node linkType: hard -"@types/passport-http-bearer@npm:1.0.41": - version: 1.0.41 - resolution: "@types/passport-http-bearer@npm:1.0.41" - dependencies: - "@types/express": "npm:*" - "@types/koa": "npm:*" - "@types/passport": "npm:*" - checksum: 10c0/85e399522b934678ada238be5971d5941fce298ed08831accd22d30597399ead321c8eec1f2249e81c4a03cb0bad1327eaaa6759b11d89868d8c388ca139d041 - languageName: node - linkType: hard - -"@types/passport-local@npm:1.0.38": - version: 1.0.38 - resolution: "@types/passport-local@npm:1.0.38" - dependencies: - "@types/express": "npm:*" - "@types/passport": "npm:*" - "@types/passport-strategy": "npm:*" - checksum: 10c0/a8464df03f073a4bb9aef7fa7cc9e76a355f149a1148330da88346d0e9c600f845601e99ed40949a13287eacae0a7ad01cd0eb5ca00d8b81da263b1dfc3aee60 - languageName: node - linkType: hard - -"@types/passport-strategy@npm:*": - version: 0.2.38 - resolution: "@types/passport-strategy@npm:0.2.38" - dependencies: - "@types/express": "npm:*" - "@types/passport": "npm:*" - checksum: 10c0/d7d2b1782a0845bd8914250aa9213a23c8d9c2225db46d854b77f2bf0129a789f46d4a5e9ad336eca277fc7e0a051c0a2942da5c864e7c6710763f102d9d4295 - languageName: node - linkType: hard - -"@types/passport@npm:*": - version: 1.0.16 - resolution: "@types/passport@npm:1.0.16" - dependencies: - "@types/express": "npm:*" - checksum: 10c0/7120c1186c8c67e3818683b5b6a4439d102f67da93cc1c7d8f32484f7bf10e8438dd5de0bf571910b23d06caa43dd1ad501933b48618bfaf54e63219500993fe - languageName: node - linkType: hard - "@types/pg@npm:8.11.0": version: 8.11.0 resolution: "@types/pg@npm:8.11.0" @@ -14611,51 +14486,6 @@ __metadata: languageName: node linkType: hard -"passport-custom@npm:1.1.1": - version: 1.1.1 - resolution: "passport-custom@npm:1.1.1" - dependencies: - passport-strategy: "npm:1.x.x" - checksum: 10c0/49b6fcd125dcd60272d4f02c27acb3b61b2659f3148bc10b31b7c439314054ce32c83a12f422215bdfa83d0463668a1f38ca6e8d68ccd32c922f73ccaa5ac9b3 - languageName: node - linkType: hard - -"passport-http-bearer@npm:1.0.1": - version: 1.0.1 - resolution: "passport-http-bearer@npm:1.0.1" - dependencies: - passport-strategy: "npm:1.x.x" - checksum: 10c0/e6de1de6a940857581c5add7c54ecb3a8573a17b0d2b78e21e888b6a4b375f85cad8d482dcb3cbf313b479e303c337e720028feb9ff9fb26d2ecef55a6b2f55a - languageName: node - linkType: hard - -"passport-local@npm:1.0.0": - version: 1.0.0 - resolution: "passport-local@npm:1.0.0" - dependencies: - passport-strategy: "npm:1.x.x" - checksum: 10c0/59becb988014921a5d6056470d9373c41db452fcf113323064f39d53baa6f184e72151bf269ca6770511f7f0260e13632dacc7b6afdbf60ebf63e90327e186d4 - languageName: node - linkType: hard - -"passport-strategy@npm:1.x.x": - version: 1.0.0 - resolution: "passport-strategy@npm:1.0.0" - checksum: 10c0/cf4cd32e1bf2538a239651581292fbb91ccc83973cde47089f00d2014c24bed63d3e65af21da8ddef649a8896e089eb9c3ac9ca639f36c797654ae9ee4ed65e1 - languageName: node - linkType: hard - -"passport@npm:0.7.0": - version: 0.7.0 - resolution: "passport@npm:0.7.0" - dependencies: - passport-strategy: "npm:1.x.x" - pause: "npm:0.0.1" - utils-merge: "npm:^1.0.1" - checksum: 10c0/08c940b86e4adbfe43e753f8097300a5a9d1ce9a3aa002d7b12d27770943a1a87202c54597c0f04dbfd4117d67de76303433577512fc19c7e364fec37b0d3fc5 - languageName: node - linkType: hard - "path-browserify@npm:^1.0.1": version: 1.0.1 resolution: "path-browserify@npm:1.0.1" @@ -14756,13 +14586,6 @@ __metadata: languageName: node linkType: hard -"pause@npm:0.0.1": - version: 0.0.1 - resolution: "pause@npm:0.0.1" - checksum: 10c0/f362655dfa7f44b946302c5a033148852ed5d05f744bd848b1c7eae6a543f743e79c7751ee896ba519fd802affdf239a358bb2ea5ca1b1c1e4e916279f83ab75 - languageName: node - linkType: hard - "peek-readable@npm:^4.1.0": version: 4.1.0 resolution: "peek-readable@npm:4.1.0" @@ -18313,7 +18136,7 @@ __metadata: languageName: node linkType: hard -"utils-merge@npm:1.0.1, utils-merge@npm:^1.0.1": +"utils-merge@npm:1.0.1": version: 1.0.1 resolution: "utils-merge@npm:1.0.1" checksum: 10c0/02ba649de1b7ca8854bfe20a82f1dfbdda3fb57a22ab4a8972a63a34553cf7aa51bc9081cf7e001b035b88186d23689d69e71b510e610a09a4c66f68aa95b672