forked from mirrors/homebox
feat: auth-roles, image-gallery, click-to-open (#166)
* schema changes * db generate * db migration * add role based middleware * implement attachment token access * generate docs * implement role based auth * replace attachment specific tokens with gen token * run linter * cleanup temporary token implementation
This commit is contained in:
Hayden
GitHub
parent
974d6914a2
commit
de419dc37d
48 changed files with 3127 additions and 244 deletions
|
|
@ -27,9 +27,21 @@ export function parseDate<T>(obj: T, keys: Array<keyof T> = []): T {
|
|||
|
||||
export class BaseAPI {
|
||||
http: Requests;
|
||||
attachmentToken: string;
|
||||
|
||||
constructor(requests: Requests) {
|
||||
constructor(requests: Requests, attachmentToken = "") {
|
||||
this.http = requests;
|
||||
this.attachmentToken = attachmentToken;
|
||||
}
|
||||
|
||||
// if a attachmentToken is present it will be added to URL as a query param
|
||||
// this is done with a simple appending of the query param to the URL. If your
|
||||
// URL already has a query param, this will not work.
|
||||
authURL(url: string): string {
|
||||
if (this.attachmentToken) {
|
||||
return `/api/v1${url}?access_token=${this.attachmentToken}`;
|
||||
}
|
||||
return url;
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
|
|||
|
|
@ -1,13 +1,6 @@
|
|||
import { BaseAPI, route } from "../base";
|
||||
import { parseDate } from "../base/base-api";
|
||||
import {
|
||||
ItemAttachmentToken,
|
||||
ItemAttachmentUpdate,
|
||||
ItemCreate,
|
||||
ItemOut,
|
||||
ItemSummary,
|
||||
ItemUpdate,
|
||||
} from "../types/data-contracts";
|
||||
import { ItemAttachmentUpdate, ItemCreate, ItemOut, ItemSummary, ItemUpdate } from "../types/data-contracts";
|
||||
import { AttachmentTypes, PaginationResult } from "../types/non-generated";
|
||||
|
||||
export type ItemsQuery = {
|
||||
|
|
@ -79,18 +72,6 @@ export class ItemsApi extends BaseAPI {
|
|||
});
|
||||
}
|
||||
|
||||
async getAttachmentUrl(id: string, attachmentId: string): Promise<string> {
|
||||
const payload = await this.http.get<ItemAttachmentToken>({
|
||||
url: route(`/items/${id}/attachments/${attachmentId}`),
|
||||
});
|
||||
|
||||
if (!payload.data) {
|
||||
return "";
|
||||
}
|
||||
|
||||
return route(`/items/${id}/attachments/download`, { token: payload.data.token });
|
||||
}
|
||||
|
||||
async deleteAttachment(id: string, attachmentId: string) {
|
||||
return await this.http.delete<void>({ url: route(`/items/${id}/attachments/${attachmentId}`) });
|
||||
}
|
||||
|
|
|
|||
|
|
@ -324,6 +324,7 @@ export interface ItemAttachmentToken {
|
|||
}
|
||||
|
||||
export interface TokenResponse {
|
||||
attachmentToken: string;
|
||||
expiresAt: Date;
|
||||
token: string;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -15,8 +15,8 @@ export class UserClient extends BaseAPI {
|
|||
user: UserApi;
|
||||
actions: ActionsAPI;
|
||||
|
||||
constructor(requests: Requests) {
|
||||
super(requests);
|
||||
constructor(requests: Requests, attachmentToken: string) {
|
||||
super(requests, attachmentToken);
|
||||
|
||||
this.locations = new LocationsApi(requests);
|
||||
this.labels = new LabelsApi(requests);
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue