-
Notifications
You must be signed in to change notification settings - Fork 50
Expand file tree
/
Copy pathdevices.ts
More file actions
146 lines (120 loc) · 4.37 KB
/
devices.ts
File metadata and controls
146 lines (120 loc) · 4.37 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
import * as jose from "jose";
import { prisma } from "./db";
import express from "express";
import {
BadRequestError,
NotFoundError,
UnauthorizedError,
UnprocessableEntityError,
} from "./errors";
import * as crypto from "crypto";
import { authenticated } from "./auth";
import { activeConnections } from "./webrtc-signaling";
export const List = async (req: express.Request, res: express.Response) => {
const idToken = req.session?.id_token;
const { iss, sub } = jose.decodeJwt(idToken);
// Authorization server’s identifier for the user
const isGoogle = iss === "https://accounts.google.com";
if (isGoogle) {
const devices = await prisma.device.findMany({
where: { user: { googleId: sub } },
select: { id: true, name: true, lastSeen: true },
});
return res.json({
devices: devices.map(device => {
const activeDevice = activeConnections.get(device.id);
const version = activeDevice?.[2] || null;
return {
...device,
online: !!activeDevice,
version,
};
}),
});
} else {
throw new BadRequestError("Token is not from Google");
}
};
export const Retrieve = async (
req: express.Request<{ id: string }>,
res: express.Response
) => {
const idToken = req.session?.id_token;
const { sub } = jose.decodeJwt(idToken);
const { id } = req.params;
if (!id) throw new UnprocessableEntityError("Missing device id in params");
const device = await prisma.device.findUnique({
where: { id, user: { googleId: sub } },
select: { id: true, name: true, user: { select: { googleId: true } } },
});
if (!device) throw new NotFoundError("Device not found");
return res.status(200).json({ device });
};
export const Update = async (
req: express.Request<{ id: string }>,
res: express.Response
) => {
const idToken = req.session?.id_token;
const { sub } = jose.decodeJwt(idToken);
if (!sub) throw new UnauthorizedError("Missing sub in token");
const { id } = req.params;
if (!id) throw new UnprocessableEntityError("Missing device id in params");
const { name } = req.body as { name: string };
if (!name) throw new UnprocessableEntityError("Missing name in body");
const device = await prisma.device.update({
where: { id, user: { googleId: sub } },
data: { name },
select: { id: true },
});
return res.json(device);
};
export const Token = async (req: express.Request, res: express.Response) => {
const { tempToken } = req.body as { tempToken: string };
if (!tempToken) throw new UnprocessableEntityError("Missing temp token in body");
const device = await prisma.device.findFirst({ where: { tempToken } });
if (!device?.tempToken) throw new NotFoundError("Device not found");
if ((device?.tempTokenExpiresAt || 0) < new Date())
throw new UnauthorizedError("Token expired");
const secretToken = crypto.randomBytes(20).toString("hex");
await prisma.device.update({
where: { id: device.id },
data: { secretToken, tempToken: null, tempTokenExpiresAt: null },
});
return res.json({ secretToken });
};
export const Delete = async (
req: express.Request<{ id: string }>,
res: express.Response
) => {
if (req.headers.authorization?.startsWith("Bearer ")) {
const secretToken = req.headers.authorization.split("Bearer ")[1];
const hasDevice = await prisma.device.findUnique({ where: { secretToken } });
if (!hasDevice) throw new NotFoundError("Device not found");
await prisma.device.delete({ where: { secretToken } });
return res.status(204).send();
}
// If the user doesn't have a secret token, we check their session cookie
try {
await new Promise<void>(resolve => {
authenticated(req, res, () => {
resolve();
});
});
} catch (error) {
throw new BadRequestError("Unauthorized");
}
const idToken = req.session?.id_token;
const { sub } = jose.decodeJwt(idToken);
if (!sub) throw new UnauthorizedError("Missing sub in token");
const { id } = req.params;
if (!id) throw new UnprocessableEntityError("Missing device id in params");
await prisma.device.delete({ where: { id, user: { googleId: sub } } });
// We just removed the device, so we should close any running open socket connections
const conn = activeConnections.get(id);
if (conn) {
const [socket] = conn;
socket.send("Deregistered from server");
socket.close();
}
return res.status(204).send();
};