Add ability for auth plugins to hook tokens validity

2025-02-25 18:55:32 -06:00 · 2020-04-24 11:33:01 +02:00
parent e1c5503114
commit e307e4fce3
16 changed files with 298 additions and 132 deletions
--- a/shared/models/activitypub/context.ts
+++ b/shared/models/activitypub/context.ts
@@ -0,0 +1 @@
+export type ContextType = 'All' | 'View' | 'Announce' | 'CacheFile'
--- a/shared/models/plugins/register-server-auth.model.ts
+++ b/shared/models/plugins/register-server-auth.model.ts
@@ -1,4 +1,5 @@
 import { UserRole } from '@shared/models'
+import { MOAuthToken } from '@server/typings/models'

 export type RegisterServerAuthOptions = RegisterServerAuthPassOptions | RegisterServerAuthExternalOptions

@@ -6,11 +7,16 @@ export interface RegisterServerAuthPassOptions {
  // Authentication name (a plugin can register multiple auth strategies)
  authName: string

-  onLogout?: Function
+  // Called by PeerTube when a user from your plugin logged out
+  onLogout?(): void

  // Weight of this authentication so PeerTube tries the auth methods in DESC weight order
  getWeight(): number

+  // Your plugin can hook PeerTube access/refresh token validity
+  // So you can control for your plugin the user session lifetime
+  hookTokenValidity?(options: { token: MOAuthToken, type: 'access' | 'refresh' }): Promise<{ valid: boolean }>
+
  // Used by PeerTube to login a user
  // Returns null if the login failed, or { username, email } on success
  login(body: {
--- a/shared/models/server/job.model.ts
+++ b/shared/models/server/job.model.ts
@@ -1,6 +1,6 @@
-import { ContextType } from '@server/helpers/activitypub'
 import { SendEmailOptions } from './emailer.model'
 import { VideoResolution } from '@shared/models'
+import { ContextType } from '../activitypub/context'

 export type JobState = 'active' | 'completed' | 'failed' | 'waiting' | 'delayed'
				`@@ -0,0 +1 @@`
				`export type ContextType = 'All' \| 'View' \| 'Announce' \| 'CacheFile'`