mirror of
https://github.com/directus/directus.git
synced 2026-02-02 16:14:56 -05:00
360 lines
8.3 KiB
TypeScript
360 lines
8.3 KiB
TypeScript
import express from 'express';
|
|
import asyncHandler from '../utils/async-handler';
|
|
import Joi from 'joi';
|
|
import { InvalidPayloadException, InvalidCredentialsException, ForbiddenException } from '../exceptions';
|
|
import { UsersService, MetaService, AuthenticationService } from '../services';
|
|
import useCollection from '../middleware/use-collection';
|
|
import { respond } from '../middleware/respond';
|
|
import { PrimaryKey } from '../types';
|
|
import { validateBatch } from '../middleware/validate-batch';
|
|
|
|
const router = express.Router();
|
|
|
|
router.use(useCollection('directus_users'));
|
|
|
|
router.post(
|
|
'/',
|
|
asyncHandler(async (req, res, next) => {
|
|
const service = new UsersService({
|
|
accountability: req.accountability,
|
|
schema: req.schema,
|
|
});
|
|
|
|
const savedKeys: PrimaryKey[] = [];
|
|
|
|
if (Array.isArray(req.body)) {
|
|
const keys = await service.createMany(req.body);
|
|
savedKeys.push(...keys);
|
|
} else {
|
|
const key = await service.createOne(req.body);
|
|
savedKeys.push(key);
|
|
}
|
|
|
|
try {
|
|
if (Array.isArray(req.body)) {
|
|
const items = await service.readMany(savedKeys, req.sanitizedQuery);
|
|
res.locals.payload = { data: items };
|
|
} else {
|
|
const item = await service.readOne(savedKeys[0], req.sanitizedQuery);
|
|
res.locals.payload = { data: item };
|
|
}
|
|
} catch (error) {
|
|
if (error instanceof ForbiddenException) {
|
|
return next();
|
|
}
|
|
|
|
throw error;
|
|
}
|
|
|
|
return next();
|
|
}),
|
|
respond
|
|
);
|
|
|
|
const readHandler = asyncHandler(async (req, res, next) => {
|
|
const service = new UsersService({
|
|
accountability: req.accountability,
|
|
schema: req.schema,
|
|
});
|
|
const metaService = new MetaService({
|
|
accountability: req.accountability,
|
|
schema: req.schema,
|
|
});
|
|
|
|
const item = await service.readByQuery(req.sanitizedQuery);
|
|
const meta = await metaService.getMetaForQuery('directus_users', req.sanitizedQuery);
|
|
|
|
res.locals.payload = { data: item || null, meta };
|
|
return next();
|
|
});
|
|
|
|
router.get('/', validateBatch('read'), readHandler, respond);
|
|
router.search('/', validateBatch('read'), readHandler, respond);
|
|
|
|
router.get(
|
|
'/me',
|
|
asyncHandler(async (req, res, next) => {
|
|
if (!req.accountability?.user) {
|
|
throw new InvalidCredentialsException();
|
|
}
|
|
|
|
const service = new UsersService({
|
|
accountability: req.accountability,
|
|
schema: req.schema,
|
|
});
|
|
|
|
try {
|
|
const item = await service.readOne(req.accountability.user, req.sanitizedQuery);
|
|
res.locals.payload = { data: item || null };
|
|
} catch (error) {
|
|
if (error instanceof ForbiddenException) {
|
|
res.locals.payload = { data: { id: req.accountability.user } };
|
|
return next();
|
|
}
|
|
|
|
throw error;
|
|
}
|
|
|
|
return next();
|
|
}),
|
|
respond
|
|
);
|
|
|
|
router.get(
|
|
'/:pk',
|
|
asyncHandler(async (req, res, next) => {
|
|
if (req.path.endsWith('me')) return next();
|
|
const service = new UsersService({
|
|
accountability: req.accountability,
|
|
schema: req.schema,
|
|
});
|
|
|
|
const items = await service.readOne(req.params.pk, req.sanitizedQuery);
|
|
|
|
res.locals.payload = { data: items || null };
|
|
return next();
|
|
}),
|
|
respond
|
|
);
|
|
|
|
router.patch(
|
|
'/me',
|
|
asyncHandler(async (req, res, next) => {
|
|
if (!req.accountability?.user) {
|
|
throw new InvalidCredentialsException();
|
|
}
|
|
|
|
const service = new UsersService({
|
|
accountability: req.accountability,
|
|
schema: req.schema,
|
|
});
|
|
const primaryKey = await service.updateOne(req.accountability.user, req.body);
|
|
const item = await service.readOne(primaryKey, req.sanitizedQuery);
|
|
|
|
res.locals.payload = { data: item || null };
|
|
return next();
|
|
}),
|
|
respond
|
|
);
|
|
|
|
router.patch(
|
|
'/me/track/page',
|
|
asyncHandler(async (req, res, next) => {
|
|
if (!req.accountability?.user) {
|
|
throw new InvalidCredentialsException();
|
|
}
|
|
|
|
if (!req.body.last_page) {
|
|
throw new InvalidPayloadException(`"last_page" key is required.`);
|
|
}
|
|
|
|
const service = new UsersService({ schema: req.schema });
|
|
await service.updateOne(req.accountability.user, { last_page: req.body.last_page });
|
|
|
|
return next();
|
|
}),
|
|
respond
|
|
);
|
|
|
|
router.patch(
|
|
'/',
|
|
validateBatch('update'),
|
|
asyncHandler(async (req, res, next) => {
|
|
const service = new UsersService({
|
|
accountability: req.accountability,
|
|
schema: req.schema,
|
|
});
|
|
|
|
let keys: PrimaryKey[] = [];
|
|
|
|
if (req.body.keys) {
|
|
keys = await service.updateMany(req.body.keys, req.body.data);
|
|
} else {
|
|
keys = await service.updateByQuery(req.body.query, req.body.data);
|
|
}
|
|
|
|
try {
|
|
const result = await service.readMany(keys, req.sanitizedQuery);
|
|
res.locals.payload = { data: result };
|
|
} catch (error) {
|
|
if (error instanceof ForbiddenException) {
|
|
return next();
|
|
}
|
|
|
|
throw error;
|
|
}
|
|
|
|
return next();
|
|
}),
|
|
respond
|
|
);
|
|
|
|
router.patch(
|
|
'/:pk',
|
|
asyncHandler(async (req, res, next) => {
|
|
const service = new UsersService({
|
|
accountability: req.accountability,
|
|
schema: req.schema,
|
|
});
|
|
|
|
const primaryKey = await service.updateOne(req.params.pk, req.body);
|
|
|
|
try {
|
|
const item = await service.readOne(primaryKey, req.sanitizedQuery);
|
|
res.locals.payload = { data: item || null };
|
|
} catch (error) {
|
|
if (error instanceof ForbiddenException) {
|
|
return next();
|
|
}
|
|
|
|
throw error;
|
|
}
|
|
|
|
return next();
|
|
}),
|
|
respond
|
|
);
|
|
|
|
router.delete(
|
|
'/',
|
|
validateBatch('delete'),
|
|
asyncHandler(async (req, res, next) => {
|
|
const service = new UsersService({
|
|
accountability: req.accountability,
|
|
schema: req.schema,
|
|
});
|
|
|
|
if (Array.isArray(req.body)) {
|
|
await service.deleteMany(req.body);
|
|
} else if (req.body.keys) {
|
|
await service.deleteMany(req.body.keys);
|
|
} else {
|
|
await service.deleteByQuery(req.body.query);
|
|
}
|
|
|
|
return next();
|
|
}),
|
|
respond
|
|
);
|
|
|
|
router.delete(
|
|
'/:pk',
|
|
asyncHandler(async (req, res, next) => {
|
|
const service = new UsersService({
|
|
accountability: req.accountability,
|
|
schema: req.schema,
|
|
});
|
|
|
|
await service.deleteOne(req.params.pk);
|
|
|
|
return next();
|
|
}),
|
|
respond
|
|
);
|
|
|
|
const inviteSchema = Joi.object({
|
|
email: Joi.alternatives(Joi.string().email(), Joi.array().items(Joi.string().email())).required(),
|
|
role: Joi.string().uuid({ version: 'uuidv4' }).required(),
|
|
invite_url: Joi.string().uri(),
|
|
});
|
|
|
|
router.post(
|
|
'/invite',
|
|
asyncHandler(async (req, res, next) => {
|
|
const { error } = inviteSchema.validate(req.body);
|
|
if (error) throw new InvalidPayloadException(error.message);
|
|
|
|
const service = new UsersService({
|
|
accountability: req.accountability,
|
|
schema: req.schema,
|
|
});
|
|
await service.inviteUser(req.body.email, req.body.role, req.body.invite_url || null);
|
|
return next();
|
|
}),
|
|
respond
|
|
);
|
|
|
|
const acceptInviteSchema = Joi.object({
|
|
token: Joi.string().required(),
|
|
password: Joi.string().required(),
|
|
});
|
|
|
|
router.post(
|
|
'/invite/accept',
|
|
asyncHandler(async (req, res, next) => {
|
|
const { error } = acceptInviteSchema.validate(req.body);
|
|
if (error) throw new InvalidPayloadException(error.message);
|
|
const service = new UsersService({
|
|
accountability: req.accountability,
|
|
schema: req.schema,
|
|
});
|
|
await service.acceptInvite(req.body.token, req.body.password);
|
|
return next();
|
|
}),
|
|
respond
|
|
);
|
|
|
|
router.post(
|
|
'/me/tfa/enable/',
|
|
asyncHandler(async (req, res, next) => {
|
|
if (!req.accountability?.user) {
|
|
throw new InvalidCredentialsException();
|
|
}
|
|
|
|
if (!req.body.password) {
|
|
throw new InvalidPayloadException(`"password" is required`);
|
|
}
|
|
|
|
const service = new UsersService({
|
|
accountability: req.accountability,
|
|
schema: req.schema,
|
|
});
|
|
|
|
const authService = new AuthenticationService({
|
|
accountability: req.accountability,
|
|
schema: req.schema,
|
|
});
|
|
await authService.verifyPassword(req.accountability.user, req.body.password);
|
|
|
|
const { url, secret } = await service.enableTFA(req.accountability.user);
|
|
|
|
res.locals.payload = { data: { secret, otpauth_url: url } };
|
|
return next();
|
|
}),
|
|
respond
|
|
);
|
|
|
|
router.post(
|
|
'/me/tfa/disable',
|
|
asyncHandler(async (req, res, next) => {
|
|
if (!req.accountability?.user) {
|
|
throw new InvalidCredentialsException();
|
|
}
|
|
|
|
if (!req.body.otp) {
|
|
throw new InvalidPayloadException(`"otp" is required`);
|
|
}
|
|
|
|
const service = new UsersService({
|
|
accountability: req.accountability,
|
|
schema: req.schema,
|
|
});
|
|
const authService = new AuthenticationService({
|
|
accountability: req.accountability,
|
|
schema: req.schema,
|
|
});
|
|
|
|
const otpValid = await authService.verifyOTP(req.accountability.user, req.body.otp);
|
|
|
|
if (otpValid === false) {
|
|
throw new InvalidPayloadException(`"otp" is invalid`);
|
|
}
|
|
|
|
await service.disableTFA(req.accountability.user);
|
|
return next();
|
|
}),
|
|
respond
|
|
);
|
|
|
|
export default router;
|