feat(token.create): expiresIn param (#611)

Fixes vatesfr/xo-web#1769
2017-10-17 15:22:34 +02:00 · 2017-10-17 15:22:34 +02:00 · 28172607c6
commit 28172607c6
parent cdd9eed3d8
2 changed files with 22 additions and 5 deletions
--- a/src/api/token.js
+++ b/src/api/token.js
@ -1,12 +1,21 @@
 // TODO: Prevent token connections from creating tokens.
 // TODO: Token permission.
-export async function create () {
-  const userId = this.session.get('user_id')
-  return (await this.createAuthenticationToken({userId})).id
+export async function create ({ expiresIn }) {
+  return (await this.createAuthenticationToken({
+    expiresIn,
+    userId: this.session.get('user_id')
+  })).id
 }

 create.description = 'create a new authentication token'

+create.params = {
+  expiresIn: {
+    optional: true,
+    type: [ 'number', 'string' ]
+  }
+}
+
 create.permission = '' // sign in

 // -------------------------------------------------------------------
--- a/src/xo-mixins/authentication.js
+++ b/src/xo-mixins/authentication.js
@ -1,3 +1,4 @@
+import ms from 'ms'
 import { noSuchObject } from 'xo-common/api-errors'
 import { ignoreErrors } from 'promise-toolbox'

@ -151,11 +152,18 @@ export default class {

  // -----------------------------------------------------------------

-  async createAuthenticationToken ({userId}) {
+  async createAuthenticationToken ({
+    expiresIn = ONE_MONTH,
+    userId
+  }) {
    const token = new Token({
      id: await generateToken(),
      user_id: userId,
-      expiration: Date.now() + ONE_MONTH
+      expiration: Date.now() + (
+        typeof expiresIn === 'string'
+          ? ms(expiresIn)
+          : expiresIn
+      )
    })

    await this._tokens.add(token)