github/directus
1
0
Fork 0
mirror of https://github.com/directus/directus.git synced 2026-01-28 17:48:09 -05:00
Code Issues Packages Projects Releases Wiki Activity
Files
236d29d0783f87d3693ee44f8524fedfc665fd17
directus/api/src/controllers/users.ts
Tanya Byrne 236d29d078 adding to all gets 
when fetching add ?TTL=600&dTTL=600 for use the cache
2020-08-24 15:39:51 +01:00

201 lines
5.3 KiB
TypeScript
Raw Blame History

import express from 'express';
import asyncHandler from 'express-async-handler';
import sanitizeQuery from '../middleware/sanitize-query';
import Joi from 'joi';
import { InvalidPayloadException, InvalidCredentialsException } from '../exceptions';
import useCollection from '../middleware/use-collection';
import cacheMiddleware from '../middleware/cache';
import UsersService from '../services/users';
import MetaService from '../services/meta';
import AuthService from '../services/authentication';
const router = express.Router();
router.use(useCollection('directus_users'));
router.post(
'/',
sanitizeQuery,
asyncHandler(async (req, res) => {
const service = new UsersService({ accountability: req.accountability });
const primaryKey = await service.create(req.body);
const item = await service.readByKey(primaryKey, req.sanitizedQuery);
return res.json({ data: item || null });
})
);
router.get(
'/',
sanitizeQuery,
cacheMiddleware,
asyncHandler(async (req, res) => {
const service = new UsersService({ accountability: req.accountability });
const metaService = new MetaService({ accountability: req.accountability });
const item = await service.readByQuery(req.sanitizedQuery);
const meta = await metaService.getMetaForQuery(req.collection, req.sanitizedQuery);
return res.json({ data: item || null, meta });
})
);
router.get(
'/me',
sanitizeQuery,
cacheMiddleware,
asyncHandler(async (req, res) => {
if (!req.accountability?.user) {
throw new InvalidCredentialsException();
}
const service = new UsersService({ accountability: req.accountability });
const item = await service.readByKey(req.accountability.user, req.sanitizedQuery);
return res.json({ data: item || null });
})
);
router.get(
'/:pk',
sanitizeQuery,
cacheMiddleware,
asyncHandler(async (req, res) => {
const service = new UsersService({ accountability: req.accountability });
const items = await service.readByKey(req.params.pk, req.sanitizedQuery);
return res.json({ data: items || null });
})
);
router.patch(
'/me',
sanitizeQuery,
asyncHandler(async (req, res) => {
if (!req.accountability?.user) {
throw new InvalidCredentialsException();
}
const service = new UsersService({ accountability: req.accountability });
const primaryKey = await service.update(req.body, req.accountability.user);
const item = await service.readByKey(primaryKey, req.sanitizedQuery);
return res.json({ data: item || null });
})
);
router.patch(
'/me/track/page',
sanitizeQuery,
asyncHandler(async (req, res) => {
if (!req.accountability?.user) {
throw new InvalidCredentialsException();
}
if (!req.body.last_page) {
throw new InvalidPayloadException(`"last_page" key is required.`);
}
const service = new UsersService();
await service.update({ last_page: req.body.last_page }, req.accountability.user);
return res.status(200).end();
})
);
router.patch(
'/:pk',
sanitizeQuery,
asyncHandler(async (req, res) => {
const service = new UsersService({ accountability: req.accountability });
const primaryKey = await service.update(req.body, req.params.pk);
const item = await service.readByKey(primaryKey, req.sanitizedQuery);
return res.json({ data: item || null });
})
);
router.delete(
'/:pk',
asyncHandler(async (req, res) => {
const service = new UsersService({ accountability: req.accountability });
await service.delete(req.params.pk);
return res.status(200).end();
})
);
const inviteSchema = Joi.object({
email: Joi.string().email().required(),
role: Joi.string().uuid({ version: 'uuidv4' }).required(),
});
router.post(
'/invite',
asyncHandler(async (req, res) => {
const { error } = inviteSchema.validate(req.body);
if (error) throw new InvalidPayloadException(error.message);
const service = new UsersService({ accountability: req.accountability });
await service.inviteUser(req.body.email, req.body.role);
res.end();
})
);
const acceptInviteSchema = Joi.object({
token: Joi.string().required(),
password: Joi.string().required(),
});
router.post(
'/invite/accept',
asyncHandler(async (req, res) => {
const { error } = acceptInviteSchema.validate(req.body);
if (error) throw new InvalidPayloadException(error.message);
const service = new UsersService({ accountability: req.accountability });
await service.acceptInvite(req.body.token, req.body.password);
res.end();
})
);
router.post(
'/me/tfa/enable/',
asyncHandler(async (req, res) => {
if (!req.accountability?.user) {
throw new InvalidCredentialsException();
}
const service = new UsersService({ accountability: req.accountability });
const url = await service.enableTFA(req.accountability.user);
return res.json({ data: { otpauth_url: url } });
})
);
router.post(
'/me/tfa/disable',
asyncHandler(async (req, res) => {
if (!req.accountability?.user) {
throw new InvalidCredentialsException();
}
if (!req.body.otp) {
throw new InvalidPayloadException(`"otp" is required`);
}
const service = new UsersService({ accountability: req.accountability });
const authService = new AuthService({ accountability: req.accountability });
const otpValid = await authService.verifyOTP(req.accountability.user, req.body.otp);
if (otpValid === false) {
throw new InvalidPayloadException(`"otp" is invalid`);
}
await service.disableTFA(req.accountability.user);
return res.status(200).end();
})
);
export default router;
Reference in New Issue View Git Blame Copy Permalink