diff options
Diffstat (limited to 'src/api/routes')
| -rw-r--r-- | src/api/routes/albums/albumsGET.js | 2 | ||||
| -rw-r--r-- | src/api/routes/uploads/chunksPOST.js | 5 | ||||
| -rw-r--r-- | src/api/routes/uploads/uploadPOST.js | 5 | ||||
| -rw-r--r-- | src/api/routes/user/apiKey.js | 6 |
4 files changed, 11 insertions, 7 deletions
diff --git a/src/api/routes/albums/albumsGET.js b/src/api/routes/albums/albumsGET.js index c61ad03..bbd3cae 100644 --- a/src/api/routes/albums/albumsGET.js +++ b/src/api/routes/albums/albumsGET.js @@ -69,7 +69,7 @@ class albumsGET extends Route { class albumsDropdownGET extends Route { constructor() { - super('/albums/dropdown', 'get'); + super('/albums/dropdown', 'get', { canApiKey: true }); } async run(req, res, db, user) { diff --git a/src/api/routes/uploads/chunksPOST.js b/src/api/routes/uploads/chunksPOST.js index 1c02bc7..013c0d6 100644 --- a/src/api/routes/uploads/chunksPOST.js +++ b/src/api/routes/uploads/chunksPOST.js @@ -6,7 +6,10 @@ const randomstring = require('randomstring'); class uploadPOST extends Route { constructor() { - super('/upload/chunks', 'post', { bypassAuth: true }); + super('/upload/chunks', 'post', { + bypassAuth: true, + canApiKey: true + }); } async run(req, res, db) { diff --git a/src/api/routes/uploads/uploadPOST.js b/src/api/routes/uploads/uploadPOST.js index d611175..6c01dd3 100644 --- a/src/api/routes/uploads/uploadPOST.js +++ b/src/api/routes/uploads/uploadPOST.js @@ -39,7 +39,10 @@ const upload = multer({ class uploadPOST extends Route { constructor() { - super('/upload', 'post', { bypassAuth: true }); + super('/upload', 'post', { + bypassAuth: true, + canApiKey: true + }); } async run(req, res, db) { diff --git a/src/api/routes/user/apiKey.js b/src/api/routes/user/apiKey.js index f80d563..a87d98d 100644 --- a/src/api/routes/user/apiKey.js +++ b/src/api/routes/user/apiKey.js @@ -1,12 +1,11 @@ const Route = require('../../structures/Route'); const randomstring = require('randomstring'); const moment = require('moment'); -const bcrypt = require('bcrypt'); const { dump } = require('dumper.js'); class apiKeyPOST extends Route { constructor() { - super('/user/apikey/change', 'post', { noApiKey: true }); + super('/user/apikey/change', 'post'); } async run(req, res, db, user) { @@ -14,11 +13,10 @@ class apiKeyPOST extends Route { const apiKey = randomstring.generate(64); try { - const hash = await bcrypt.hash(apiKey, 10); await db.table('users') .where({ id: user.id }) .update({ - apiKey: hash, + apiKey, apiKeyEditedAt: now }); } catch (error) { |