forked from engineering/cloudservices
add utility for revoking bearer tokens
parent
e09665bad6
commit
891e77a43f
|
@ -28,8 +28,7 @@ export default class Root extends Route {
|
||||||
cpuClock: os.cpus()[0].speed / 1000,
|
cpuClock: os.cpus()[0].speed / 1000,
|
||||||
cpuCores: os.cpus().length,
|
cpuCores: os.cpus().length,
|
||||||
hostname: os.hostname(),
|
hostname: os.hostname(),
|
||||||
ipv4: os.networkInterfaces().eth0.filter((r) => r.family === 'IPv4')[0].address,
|
ipv4: os.networkInterfaces().enp0s3.filter((r) => r.family === 'IPv4')[0].address,
|
||||||
ipv6: os.networkInterfaces().eth0.filter((r) => r.family === 'IPv6')[0].address,
|
|
||||||
},
|
},
|
||||||
};
|
};
|
||||||
res.status(200).json({ code: this.constants.codes.SUCCESS, message: response });
|
res.status(200).json({ code: this.constants.codes.SUCCESS, message: response });
|
||||||
|
|
|
@ -40,6 +40,7 @@ export default class Security {
|
||||||
const res: any = jwt.verify(bearer, this.keys.key, { issuer: 'Library of Code sp-us | CSD' });
|
const res: any = jwt.verify(bearer, this.keys.key, { issuer: 'Library of Code sp-us | CSD' });
|
||||||
const account = await this.client.db.Account.findOne({ _id: res.id });
|
const account = await this.client.db.Account.findOne({ _id: res.id });
|
||||||
if (!account) return null;
|
if (!account) return null;
|
||||||
|
if (account.revokedBearers?.includes(bearer)) return null;
|
||||||
return account;
|
return account;
|
||||||
} catch {
|
} catch {
|
||||||
return null;
|
return null;
|
||||||
|
|
|
@ -1,5 +1,6 @@
|
||||||
import { Message } from 'eris';
|
import { Message } from 'eris';
|
||||||
import { Client, Command } from '../class';
|
import { Client, Command } from '../class';
|
||||||
|
import Bearer_Revoke from './bearer_revoke';
|
||||||
|
|
||||||
export default class Bearer extends Command {
|
export default class Bearer extends Command {
|
||||||
constructor(client: Client) {
|
constructor(client: Client) {
|
||||||
|
@ -7,6 +8,7 @@ export default class Bearer extends Command {
|
||||||
this.name = 'bearer';
|
this.name = 'bearer';
|
||||||
this.description = 'Creates a bearer token.';
|
this.description = 'Creates a bearer token.';
|
||||||
this.usage = `${this.client.config.prefix}bearer`;
|
this.usage = `${this.client.config.prefix}bearer`;
|
||||||
|
this.subcmds = [Bearer_Revoke];
|
||||||
this.guildOnly = false;
|
this.guildOnly = false;
|
||||||
this.enabled = true;
|
this.enabled = true;
|
||||||
}
|
}
|
||||||
|
@ -19,7 +21,7 @@ export default class Bearer extends Command {
|
||||||
const bearer = await this.client.server.security.createBearer(account._id);
|
const bearer = await this.client.server.security.createBearer(account._id);
|
||||||
const dm = await this.client.getDMChannel(message.author.id);
|
const dm = await this.client.getDMChannel(message.author.id);
|
||||||
const msg = await dm.createMessage(`__**Library of Code sp-us | Cloud Services [API]**__\n*This message will automatically be deleted in 60 seconds, copy the token and save it. You cannot recover it.*\n\n${bearer}`);
|
const msg = await dm.createMessage(`__**Library of Code sp-us | Cloud Services [API]**__\n*This message will automatically be deleted in 60 seconds, copy the token and save it. You cannot recover it.*\n\n${bearer}`);
|
||||||
this.error(message.channel, 'Bearer token sent to direct messages.');
|
this.success(message.channel, 'Bearer token sent to direct messages.');
|
||||||
return setTimeout(() => {
|
return setTimeout(() => {
|
||||||
msg.delete();
|
msg.delete();
|
||||||
}, 60000);
|
}, 60000);
|
||||||
|
|
|
@ -0,0 +1,29 @@
|
||||||
|
import { Message } from 'eris';
|
||||||
|
import { Client, Command } from '../class';
|
||||||
|
|
||||||
|
export default class Bearer_Revoke extends Command {
|
||||||
|
constructor(client: Client) {
|
||||||
|
super(client);
|
||||||
|
this.name = 'revoke';
|
||||||
|
this.description = 'Revokes an API bearer token.';
|
||||||
|
this.usage = `${this.client.config.prefix}bearer revoke <token>`;
|
||||||
|
this.enabled = true;
|
||||||
|
this.guildOnly = false;
|
||||||
|
}
|
||||||
|
|
||||||
|
public async run(message: Message, args: string[]) {
|
||||||
|
try {
|
||||||
|
if (!args[0]) return this.client.commands.get('help').run(message, ['bearer', this.name]);
|
||||||
|
const account = await this.client.db.Account.findOne({ userID: message.author.id });
|
||||||
|
if (!account) return this.error(message.channel, 'You do not have an account.');
|
||||||
|
|
||||||
|
const bearerVerify = await this.client.server.security.checkBearer(args[0]);
|
||||||
|
if (!bearerVerify || bearerVerify?.userID !== account.userID) return this.error(message.channel, 'Permission denied.');
|
||||||
|
if (account.revokedBearers?.includes(args[0])) return this.error(message.channel, 'This bearer token is already revoked.');
|
||||||
|
await account.updateOne({ $addToSet: { revokedBearers: args[0] } });
|
||||||
|
return this.success(message.channel, 'Revoked bearer token.');
|
||||||
|
} catch (err) {
|
||||||
|
return this.client.util.handleError(err, message, this);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
Loading…
Reference in New Issue