Added API key authentication.
This commit is contained in:
@@ -46,7 +46,7 @@ export const actorsSchema = `
|
||||
query: String
|
||||
limit: Int! = 30
|
||||
page: Int! = 1
|
||||
order: [String]
|
||||
order: [String!]
|
||||
): ActorsResult
|
||||
|
||||
actor(
|
||||
@@ -54,7 +54,7 @@ export const actorsSchema = `
|
||||
): Actor
|
||||
|
||||
actorsById(
|
||||
ids: [Int]!
|
||||
ids: [Int!]!
|
||||
): [Actor]
|
||||
}
|
||||
|
||||
@@ -70,7 +70,7 @@ export const actorsSchema = `
|
||||
}
|
||||
|
||||
type ActorsResult {
|
||||
nodes: [Actor]
|
||||
nodes: [Actor!]!
|
||||
total: Int
|
||||
}
|
||||
|
||||
@@ -81,6 +81,8 @@ export const actorsSchema = `
|
||||
gender: String
|
||||
dateOfBirth: Date
|
||||
age: Int
|
||||
ageFromBirth: Int
|
||||
ageThen: Int
|
||||
origin: Location
|
||||
residence: Location
|
||||
height: Int
|
||||
|
||||
@@ -1,7 +1,16 @@
|
||||
/* eslint-disable no-param-reassign */
|
||||
import { stringify } from '@brillout/json-serializer/stringify'; /* eslint-disable-line import/extensions */
|
||||
import IPCIDR from 'ip-cidr';
|
||||
|
||||
import { login, signup } from '../auth.js';
|
||||
import {
|
||||
login,
|
||||
signup,
|
||||
fetchUserKeys,
|
||||
createKey,
|
||||
removeUserKey,
|
||||
flushUserKeys,
|
||||
} from '../auth.js';
|
||||
|
||||
import { fetchUser } from '../users.js';
|
||||
|
||||
function getIp(req) {
|
||||
@@ -68,4 +77,28 @@ export async function signupApi(req, res) {
|
||||
req.session.user = user;
|
||||
res.send(user);
|
||||
}
|
||||
|
||||
export async function fetchUserKeysApi(req, res) {
|
||||
const keys = await fetchUserKeys(req.user);
|
||||
|
||||
res.send(stringify(keys));
|
||||
}
|
||||
|
||||
export async function createKeyApi(req, res) {
|
||||
const key = await createKey(req.user);
|
||||
|
||||
res.send(stringify(key));
|
||||
}
|
||||
|
||||
export async function removeUserKeyApi(req, res) {
|
||||
await removeUserKey(req.user, req.params.keyIdentifier);
|
||||
|
||||
res.status(204).send();
|
||||
}
|
||||
|
||||
export async function flushUserKeysApi(req, res) {
|
||||
await flushUserKeys(req.user);
|
||||
|
||||
res.status(204).send();
|
||||
}
|
||||
/* eslint-enable no-param-reassign */
|
||||
|
||||
@@ -37,7 +37,7 @@ export const entitiesSchema = `
|
||||
}
|
||||
|
||||
type EntitiesResult {
|
||||
nodes: [Entity]
|
||||
nodes: [Entity!]!
|
||||
}
|
||||
|
||||
type Entity {
|
||||
@@ -47,7 +47,7 @@ export const entitiesSchema = `
|
||||
url: String
|
||||
type: String
|
||||
parent: Entity
|
||||
children: [Entity]
|
||||
children: [Entity!]!
|
||||
}
|
||||
`;
|
||||
|
||||
|
||||
@@ -1,3 +1,4 @@
|
||||
import config from 'config';
|
||||
import { format } from 'date-fns';
|
||||
|
||||
import {
|
||||
@@ -24,6 +25,8 @@ import {
|
||||
fetchActorsByIdGraphql,
|
||||
} from './actors.js';
|
||||
|
||||
import { verifyKey } from '../auth.js';
|
||||
|
||||
const schema = buildSchema(`
|
||||
type Query {
|
||||
movies(
|
||||
@@ -61,6 +64,13 @@ const DateScalar = new GraphQLScalarType({
|
||||
});
|
||||
|
||||
export async function graphqlApi(req, res) {
|
||||
if (!config.apiAccess.graphqlEnabled) {
|
||||
res.status(404).send();
|
||||
return;
|
||||
}
|
||||
|
||||
await verifyKey(req.headers['api-user'], req.headers['api-key'], req);
|
||||
|
||||
const data = await graphql({
|
||||
schema,
|
||||
source: req.body.query,
|
||||
|
||||
@@ -75,9 +75,9 @@ export const scenesSchema = `
|
||||
scenes(
|
||||
query: String
|
||||
scope: String
|
||||
entities: [String]
|
||||
actorIds: [String]
|
||||
tags: [String]
|
||||
entities: [String!]
|
||||
actorIds: [String!]
|
||||
tags: [String!]
|
||||
limit: Int! = 30
|
||||
page: Int! = 1
|
||||
): ReleasesResult
|
||||
@@ -87,16 +87,16 @@ export const scenesSchema = `
|
||||
): Release
|
||||
|
||||
scenesById(
|
||||
ids: [Int]!
|
||||
ids: [Int!]!
|
||||
): [Release]
|
||||
}
|
||||
|
||||
type ReleasesAggregate {
|
||||
actors: [Actor]
|
||||
actors: [Actor!]
|
||||
}
|
||||
|
||||
type ReleasesResult {
|
||||
nodes: [Release]
|
||||
nodes: [Release!]!
|
||||
total: Int
|
||||
aggregates: ReleasesAggregate
|
||||
}
|
||||
@@ -112,13 +112,13 @@ export const scenesSchema = `
|
||||
shootId: Int
|
||||
channel: Entity
|
||||
network: Entity
|
||||
actors: [Actor]
|
||||
tags: [Tag]
|
||||
actors: [Actor!]!
|
||||
tags: [Tag!]!
|
||||
poster: Media
|
||||
trailer: Media
|
||||
photos: [Media]
|
||||
covers: [Media]
|
||||
movies: [Release]
|
||||
photos: [Media!]!
|
||||
covers: [Media!]!
|
||||
movies: [Release!]!
|
||||
}
|
||||
|
||||
type Tag {
|
||||
|
||||
@@ -28,6 +28,10 @@ import {
|
||||
loginApi,
|
||||
logoutApi,
|
||||
signupApi,
|
||||
fetchUserKeysApi,
|
||||
createKeyApi,
|
||||
removeUserKeyApi,
|
||||
flushUserKeysApi,
|
||||
} from './auth.js';
|
||||
|
||||
import {
|
||||
@@ -162,6 +166,12 @@ export default async function initServer() {
|
||||
router.post('/api/templates', createTemplateApi);
|
||||
router.delete('/api/templates/:templateId', removeTemplateApi);
|
||||
|
||||
// API KEYS
|
||||
router.get('/api/me/keys', fetchUserKeysApi);
|
||||
router.post('/api/keys', createKeyApi);
|
||||
router.delete('/api/me/keys/:keyIdentifier', removeUserKeyApi);
|
||||
router.delete('/api/me/keys', flushUserKeysApi);
|
||||
|
||||
// ALERTS
|
||||
router.get('/api/alerts', fetchAlertsApi);
|
||||
router.post('/api/alerts', createAlertApi);
|
||||
@@ -182,7 +192,10 @@ export default async function initServer() {
|
||||
// TAGS
|
||||
router.get('/api/tags', fetchTagsApi);
|
||||
|
||||
router.post('/graphql', graphqlApi);
|
||||
if (config.apiAccess.graphqlEnabled) {
|
||||
router.post('/graphql', graphqlApi);
|
||||
}
|
||||
|
||||
router.use(consentHandler);
|
||||
|
||||
router.use((req, res, next) => {
|
||||
|
||||
Reference in New Issue
Block a user