| 33 | @UseGuards(TokenAccessGuard) |
| 34 | @DisableTeamAccessGuard() |
| 35 | export default class TokenHttpController { |
| 36 | constructor(private service: TokenService) {} |
| 37 | |
| 38 | @Get() |
| 39 | @HttpCode(HttpStatus.OK) |
| 40 | @ApiOperation({ |
| 41 | description: "Access token's support is to provide secure access to the HTTP api without a cookie.", |
| 42 | summary: 'List of tokens.', |
| 43 | }) |
| 44 | @ApiOkResponse({ |
| 45 | type: TokenDto, |
| 46 | isArray: true, |
| 47 | description: 'Token list fetched.', |
| 48 | }) |
| 49 | @ApiForbiddenResponse({ description: 'Unauthorized request for tokens.' }) |
| 50 | async getTokens(@IdentityFromRequest() identity: Identity): Promise<TokenDto[]> { |
| 51 | return this.service.getTokenList(identity) |
| 52 | } |
| 53 | |
| 54 | @Get(ROUTE_TOKEN_ID) |
| 55 | @HttpCode(HttpStatus.OK) |
| 56 | @ApiOperation({ |
| 57 | description: |
| 58 | "Access token's details are `name`, `id`, and the time of creation and expiration. Request must include `tokenId`.", |
| 59 | summary: 'Fetch token details.', |
| 60 | }) |
| 61 | @ApiOkResponse({ type: TokenDto, description: 'Token details listed.' }) |
| 62 | @ApiBadRequestResponse({ description: 'Bad request for token details.' }) |
| 63 | @ApiForbiddenResponse({ description: 'Unauthorized request for token details.' }) |
| 64 | @ApiNotFoundResponse({ description: 'Token not found.' }) |
| 65 | @UuidParams(PARAM_TOKEN_ID) |
| 66 | async getToken(@TokenId() id: string, @IdentityFromRequest() identity: Identity): Promise<TokenDto> { |
| 67 | return this.service.getToken(id, identity) |
| 68 | } |
| 69 | |
| 70 | @Post() |
| 71 | @HttpCode(HttpStatus.CREATED) |
| 72 | @CreatedWithLocation() |
| 73 | @ApiOperation({ |
| 74 | description: 'Request must include `name` and `expirationInDays`.', |
| 75 | summary: 'Create access token.', |
| 76 | }) |
| 77 | @ApiBody({ type: GenerateTokenDto, description: 'Token created.' }) |
| 78 | @ApiCreatedResponse({ |
| 79 | type: GeneratedTokenDto, |
| 80 | headers: API_CREATED_LOCATION_HEADERS, |
| 81 | }) |
| 82 | @ApiBadRequestResponse({ description: 'Bad request for token creation.' }) |
| 83 | @ApiForbiddenResponse({ description: 'Unauthorized request for token creation.' }) |
| 84 | @ApiConflictResponse({ description: 'Token name taken.' }) |
| 85 | async generateToken( |
| 86 | @Body(TokenValidationPipe) request: GenerateTokenDto, |
| 87 | @IdentityFromRequest() identity: Identity, |
| 88 | ): Promise<CreatedResponse<GeneratedTokenDto>> { |
| 89 | const token = await this.service.generateToken(request, identity) |
| 90 | |
| 91 | return { |
| 92 | url: `/tokens/${token.id}`, |
nothing calls this directly
no test coverage detected