fixed associations, user can auth via api-key

2025-06-22 15:35:03 +00:00 · 2024-06-01 18:19:39 +02:00 · 2024-06-01 18:19:39 +02:00 · a928e7a917
commit a928e7a917
parent a884268d97
5 changed files with 24 additions and 15 deletions
--- a/server-node/src/auth/apikey/apikey-controller.ts
+++ b/server-node/src/auth/apikey/apikey-controller.ts
@ -1,6 +1,6 @@
 import { Error as SequelizeError } from "sequelize";
-import { APIKey } from "./apikey-model";
 import { User } from "../user/user-model";
+import { APIKey } from "./apikey-model";

 export function findOne(params: {apikey?: string}, cb: (err: Error | null, apikey?: APIKey | undefined, info?: Object | undefined) => void): undefined {
    const query: any = params;
@ -16,7 +16,8 @@ export function findOne(params: {apikey?: string}, cb: (err: Error | null, apike
    }

    APIKey.findOne({
-        where: query
+        where: query,
+        include: APIKey.associations.User
    }).then(apikey => {
        if(apikey)
            cb(null, apikey);
@ -27,9 +28,11 @@ export function findOne(params: {apikey?: string}, cb: (err: Error | null, apike
    );
 }

-export async function createAPIKey(user: User | undefined): Promise<APIKey> {
+export async function createAPIKey(user: User | undefined): Promise<APIKey | undefined> {
+    if(!user) throw new Error("User was undefined");
+
    const apikey = crypto.randomUUID(); // TODO: Is this secure enough?
-    const apikeyEntry = await APIKey.create({ apikey: apikey })
-    await user?.addAPIKey(apikeyEntry);
+    const apikeyEntry = await user.createAPIKey({ apikey: apikey });
+
    return apikeyEntry;
 }
--- a/server-node/src/auth/apikey/apikey-model.ts
+++ b/server-node/src/auth/apikey/apikey-model.ts
@ -7,8 +7,10 @@ export class APIKey extends Model<InferAttributes<APIKey>, InferCreationAttribut
    declare id: CreationOptional<number>;
    declare apikey: string;

-    declare ownerId: ForeignKey<User['id']>;
-    declare owner?: NonAttribute<User>;
+    declare UserId: ForeignKey<User['id']>;
+
+    // `User` is an eagerly-loaded association.
+    declare User?: NonAttribute<User>;
    
    declare createdAt: CreationOptional<Date>;
    declare updatedAt: CreationOptional<Date>;
--- a/server-node/src/auth/passport-config.ts
+++ b/server-node/src/auth/passport-config.ts
@ -37,7 +37,7 @@ export function initialize(passport: typeof import("passport")) {
                if (!apikey) { 
                    return done(null, false, info);
                }
-                return done(null, apikey.owner);
+                return done(null, apikey.User);
            });
        }
    ));
--- a/server-node/src/auth/user/user-model.ts
+++ b/server-node/src/auth/user/user-model.ts
@ -30,7 +30,7 @@ export class User extends Model<InferAttributes<User>, InferCreationAttributes<U
    declare hasAccessRule: HasManyHasAssociationMixin<AccessRule | undefined, number>;
    declare hasAccessRules: HasManyHasAssociationsMixin<AccessRule | undefined, number>;
    declare countAccessRules: HasManyCountAssociationsMixin;
-    declare createAccessRule: HasManyCreateAssociationMixin<AccessRule, 'ownerId'>;
+    declare createAccessRule: HasManyCreateAssociationMixin<AccessRule, 'UserId'>;

    declare getAPIKeys: HasManyGetAssociationsMixin<APIKey | undefined>; // Note the null assertions!
    declare addAPIKey: HasManyAddAssociationMixin<APIKey | undefined, number>;
@ -41,7 +41,11 @@ export class User extends Model<InferAttributes<User>, InferCreationAttributes<U
    declare hasAPIKey: HasManyHasAssociationMixin<APIKey | undefined, number>;
    declare hasAPIKeys: HasManyHasAssociationsMixin<APIKey | undefined, number>;
    declare countAPIKeys: HasManyCountAssociationsMixin;
-    declare createAPIKey: HasManyCreateAssociationMixin<APIKey, 'ownerId'>;
+    declare createAPIKey: HasManyCreateAssociationMixin<APIKey, 'UserId'>;
+
+    // You can also pre-declare possible inclusions, these will only be populated if you
+    // actively include a relation.
+    declare apikeys?: NonAttribute<APIKey[]>;

    declare createdAt: CreationOptional<Date>;
    declare updatedAt: CreationOptional<Date>;
@ -63,8 +67,8 @@ export class AccessRule extends Model<InferAttributes<AccessRule>, InferCreation
    declare id: CreationOptional<number>;
    declare grants: string;

-    declare ownerId: ForeignKey<User['id']>;
-    declare owner?: NonAttribute<User>;
+    declare UserId: ForeignKey<User['id']>;
+    declare User?: NonAttribute<User>;
    
    declare createdAt: CreationOptional<Date>;
    declare updatedAt: CreationOptional<Date>;
--- a/server-node/src/data/sequelize-relations.ts
+++ b/server-node/src/data/sequelize-relations.ts
@ -44,8 +44,8 @@ Password.init(
    },
    { sequelize },
 );
-Password.hasOne(User);
 User.hasOne(Password);
+Password.belongsTo(User);

 AccessRule.init(
    {
@ -60,8 +60,8 @@ AccessRule.init(
    },
    { sequelize },
 );
-AccessRule.hasOne(User);
 User.hasMany(AccessRule);
+AccessRule.belongsTo(User);

 APIKey.init(
    {
@ -76,8 +76,8 @@ APIKey.init(
    },
    { sequelize },
 );
-APIKey.hasOne(User);
 User.hasMany(APIKey);
+APIKey.belongsTo(User);

 export default sequelize;