mythic-insight/calcom
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 5
calcom/apps/web/server/routers/viewer/apiKeys.tsx
Agusti Fernandez faa67e0bb6
Feature: Adds api keys to cal.com webapp (#2277) 
* feat: add ApiKey model for new Api auth, owned by a user

* fix: remove metadata:Json and add note:String instead in new apiKey model

* fix: rename apiKey to apiKeys in moder User relation in schema.prisma

* feat: add hashedKey to apiKey and lastUsedAt datetime to keep track of usage of keys and makiung them securely stored in db

* fix 30 day -> 30 days in expiresAt

* feat: api keys frontend in security page

* adds hashedKey to api key model, add frontend api keys in security page

* Make frontend work to create api keys with or without expiry, note, defaults to 1 month expiry

* remove migration for now, add env.example to swagger, sync api

* feat: hashed api keys

* fix: minor refactor and cleanup in apiKeys generator

* add api key success modal

* sync apps/api

* feat: We have API Keys in Security =)

* remove swagger env from pr

* apps api sync

* remove comments in password section

* feat: migration for api keys schema

* sync api w main

* delete apps/api

* add back apps/api

* make min date and disabled optional props in datepicker

* feat fix type check errors

* fix : types

* fix: rmeove renaming of verificationrequest token indexes in migration

* fix: remove extra div

* Fixes for feedback in PR

* fix button />

* fix: rename weird naming of translation for you_will_only_view_it_once

* fix: remove ternary and use && to avoid null for false

* fix sync apps/api with main not old commit

* fix empty className

* fix: remove unused imports

* fix remove commented jsx fragment close

* fix rename editing

* improve translations

* feat: adds beta tag in security tab under api keys

* fix: use api keys everywhere

* fix: cleanup code in api keys

* fix: use watch and controller for neverexpires/datepicker

* Fixes: improve api key never expires

* add back change password h2 title section in security page

* fix update env API_KEY_ prefix default to cal_

* fix: improve eidt api keys modal

* fix: update edit mutation in viewer.apiKeys

* Update apps/web/ee/components/apiKeys/ApiKeyListItem.tsx

Co-authored-by: Alex van Andel <me@alexvanandel.com>

* fix: item: any to pass build

Co-authored-by: Agusti Fernandez Pardo <git@agusti.me>
Co-authored-by: kodiakhq[bot] <49736102+kodiakhq[bot]@users.noreply.github.com>
Co-authored-by: Omar López <zomars@me.com>
Co-authored-by: Alex van Andel <me@alexvanandel.com>
2022-04-15 20:58:34 -06:00

102 lines
2.5 KiB
TypeScript
Raw Blame History

import { v4 } from "uuid";
import { z } from "zod";
import { generateUniqueAPIKey } from "@calcom/ee/lib/api/apiKeys";
import { createProtectedRouter } from "@server/createRouter";
export const apiKeysRouter = createProtectedRouter()
.query("list", {
async resolve({ ctx }) {
return await ctx.prisma.apiKey.findMany({
where: {
userId: ctx.user.id,
},
orderBy: { createdAt: "desc" },
});
},
})
.mutation("create", {
input: z.object({
note: z.string().optional().nullish(),
expiresAt: z.date().optional().nullable(),
neverExpires: z.boolean().optional(),
}),
async resolve({ ctx, input }) {
const [hashedApiKey, apiKey] = generateUniqueAPIKey();
// Here we snap never expires before deleting it so it's not passed to prisma create call.
const neverExpires = input.neverExpires;
delete input.neverExpires;
await ctx.prisma.apiKey.create({
data: {
id: v4(),
userId: ctx.user.id,
...input,
// And here we pass a null to expiresAt if never expires is true. otherwise just pass expiresAt from input
expiresAt: neverExpires ? null : input.expiresAt,
hashedKey: hashedApiKey,
},
});
const prefixedApiKey = `${process.env.API_KEY_PREFIX ?? "cal_"}${apiKey}`;
return prefixedApiKey;
},
})
.mutation("edit", {
input: z.object({
id: z.string(),
note: z.string().optional().nullish(),
expiresAt: z.date().optional(),
}),
async resolve({ ctx, input }) {
const { id, ...data } = input;
const {
apiKeys: [updatedApiKey],
} = await ctx.prisma.user.update({
where: {
id: ctx.user.id,
},
data: {
apiKeys: {
update: {
where: {
id,
},
data,
},
},
},
select: {
apiKeys: {
where: {
id,
},
},
},
});
return updatedApiKey;
},
})
.mutation("delete", {
input: z.object({
id: z.string(),
eventTypeId: z.number().optional(),
}),
async resolve({ ctx, input }) {
const { id } = input;
await ctx.prisma.user.update({
where: {
id: ctx.user.id,
},
data: {
apiKeys: {
delete: {
id,
},
},
},
});
return {
id,
};
},
});
Reference in a new issue View git blame Copy permalink