Add support for API permission expiry
This commit is contained in:
parent
2b8f75b91b
commit
947a49761e
5 changed files with 42 additions and 0 deletions
|
@ -6,6 +6,7 @@ import { initAuth } from "./auth";
|
||||||
import { initDocs } from "./docs";
|
import { initDocs } from "./docs";
|
||||||
import { initGuildsAPI } from "./guilds";
|
import { initGuildsAPI } from "./guilds";
|
||||||
import { clientError, error, notFound } from "./responses";
|
import { clientError, error, notFound } from "./responses";
|
||||||
|
import { startBackgroundTasks } from "./tasks";
|
||||||
|
|
||||||
const app = express();
|
const app = express();
|
||||||
|
|
||||||
|
@ -47,3 +48,5 @@ app.use((req, res, next) => {
|
||||||
|
|
||||||
const port = (process.env.PORT && parseInt(process.env.PORT, 10)) || 3000;
|
const port = (process.env.PORT && parseInt(process.env.PORT, 10)) || 3000;
|
||||||
app.listen(port, "0.0.0.0", () => console.log(`API server listening on port ${port}`)); // tslint:disable-line
|
app.listen(port, "0.0.0.0", () => console.log(`API server listening on port ${port}`)); // tslint:disable-line
|
||||||
|
|
||||||
|
startBackgroundTasks();
|
||||||
|
|
10
backend/src/api/tasks.ts
Normal file
10
backend/src/api/tasks.ts
Normal file
|
@ -0,0 +1,10 @@
|
||||||
|
import { ApiPermissionAssignments } from "../data/ApiPermissionAssignments";
|
||||||
|
import { MINUTES } from "../utils";
|
||||||
|
|
||||||
|
export function startBackgroundTasks() {
|
||||||
|
// Clear expired API permissions every minute
|
||||||
|
const apiPermissions = new ApiPermissionAssignments();
|
||||||
|
setInterval(() => {
|
||||||
|
apiPermissions.clearExpiredPermissions();
|
||||||
|
}, 1 * MINUTES);
|
||||||
|
}
|
|
@ -55,4 +55,12 @@ export class ApiPermissionAssignments extends BaseRepository {
|
||||||
removeUser(guildId, userId) {
|
removeUser(guildId, userId) {
|
||||||
return this.apiPermissions.delete({ guild_id: guildId, type: ApiPermissionTypes.User, target_id: userId });
|
return this.apiPermissions.delete({ guild_id: guildId, type: ApiPermissionTypes.User, target_id: userId });
|
||||||
}
|
}
|
||||||
|
|
||||||
|
async clearExpiredPermissions() {
|
||||||
|
await this.apiPermissions
|
||||||
|
.createQueryBuilder()
|
||||||
|
.where("expires_at IS NOT NULL")
|
||||||
|
.andWhere("expires_at <= NOW()")
|
||||||
|
.delete();
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -18,6 +18,9 @@ export class ApiPermissionAssignment {
|
||||||
@Column("simple-array")
|
@Column("simple-array")
|
||||||
permissions: string[];
|
permissions: string[];
|
||||||
|
|
||||||
|
@Column()
|
||||||
|
expires_at: string;
|
||||||
|
|
||||||
@ManyToOne(
|
@ManyToOne(
|
||||||
type => ApiUserInfo,
|
type => ApiUserInfo,
|
||||||
userInfo => userInfo.permissionAssignments,
|
userInfo => userInfo.permissionAssignments,
|
||||||
|
|
|
@ -0,0 +1,18 @@
|
||||||
|
import { MigrationInterface, QueryRunner, TableColumn } from "typeorm";
|
||||||
|
|
||||||
|
export class AddExpiresAtToApiPermissions1630837386329 implements MigrationInterface {
|
||||||
|
public async up(queryRunner: QueryRunner): Promise<void> {
|
||||||
|
await queryRunner.addColumns("api_permissions", [
|
||||||
|
new TableColumn({
|
||||||
|
name: "expires_at",
|
||||||
|
type: "boolean",
|
||||||
|
isNullable: true,
|
||||||
|
default: null,
|
||||||
|
}),
|
||||||
|
]);
|
||||||
|
}
|
||||||
|
|
||||||
|
public async down(queryRunner: QueryRunner): Promise<void> {
|
||||||
|
await queryRunner.dropColumn("api_permissions", "expires_at");
|
||||||
|
}
|
||||||
|
}
|
Loading…
Add table
Reference in a new issue