Change createTokenForUser signature

user is now used instead of username Signed-off-by: Yannick Bungers <git@innay.de>
2024-11-23 02:06:29 -05:00 · 2021-10-13 22:59:51 +02:00 · 2021-10-13 22:59:51 +02:00 · 325e1893f8
commit 325e1893f8
parent d33cfa4541
3 changed files with 8 additions and 24 deletions
--- a/src/api/private/tokens/tokens.controller.ts
+++ b/src/api/private/tokens/tokens.controller.ts
@ -51,11 +51,7 @@ export class TokensController {
    @Body('validUntil') validUntil: TimestampMillis,
    @RequestUser() user: User,
  ): Promise<AuthTokenWithSecretDto> {
-    return await this.authService.createTokenForUser(
-      user.username,
-      label,
-      validUntil,
-    );
+    return await this.authService.createTokenForUser(user, label, validUntil);
  }

  @Delete('/:keyId')
--- a/src/auth/auth.service.spec.ts
+++ b/src/auth/auth.service.spec.ts
@ -229,10 +229,7 @@ describe('AuthService', () => {
    describe('works', () => {
      const identifier = 'testIdentifier';
      it('with validUntil 0', async () => {
-        jest.spyOn(userRepo, 'findOne').mockResolvedValueOnce({
-          ...user,
-          authTokens: [authToken],
-        });
+        jest.spyOn(authTokenRepo, 'find').mockResolvedValueOnce([authToken]);
        jest
          .spyOn(authTokenRepo, 'save')
          .mockImplementationOnce(
@ -241,11 +238,7 @@ describe('AuthService', () => {
              return authTokenSaved;
            },
          );
-        const token = await service.createTokenForUser(
-          user.username,
-          identifier,
-          0,
-        );
+        const token = await service.createTokenForUser(user, identifier, 0);
        expect(token.label).toEqual(identifier);
        expect(
          token.validUntil.getTime() -
@ -255,10 +248,7 @@ describe('AuthService', () => {
        expect(token.secret.startsWith(token.keyId)).toBeTruthy();
      });
      it('with validUntil not 0', async () => {
-        jest.spyOn(userRepo, 'findOne').mockResolvedValueOnce({
-          ...user,
-          authTokens: [authToken],
-        });
+        jest.spyOn(authTokenRepo, 'find').mockResolvedValueOnce([authToken]);
        jest
          .spyOn(authTokenRepo, 'save')
          .mockImplementationOnce(
@ -269,7 +259,7 @@ describe('AuthService', () => {
          );
        const validUntil = new Date().getTime() + 30000;
        const token = await service.createTokenForUser(
-          user.username,
+          user,
          identifier,
          validUntil,
        );
--- a/src/auth/auth.service.ts
+++ b/src/auth/auth.service.ts
@ -15,7 +15,6 @@ import {
  TooManyTokensError,
 } from '../errors/errors';
 import { ConsoleLoggerService } from '../logger/console-logger.service';
-import { UserRelationEnum } from '../users/user-relation.enum';
 import { User } from '../users/user.entity';
 import { UsersService } from '../users/users.service';
 import {
@ -58,13 +57,12 @@ export class AuthService {
  }

  async createTokenForUser(
-    username: string,
+    user: User,
    identifier: string,
    validUntil: TimestampMillis,
  ): Promise<AuthTokenWithSecretDto> {
-    const user = await this.usersService.getUserByUsername(username, [
-      UserRelationEnum.AUTHTOKENS,
-    ]);
+    user.authTokens = await this.getTokensByUser(user);
+
    if (user.authTokens.length >= 200) {
      // This is a very high ceiling unlikely to hinder legitimate usage,
      // but should prevent possible attack vectors