mirror of
https://github.com/fosrl/pangolin.git
synced 2026-07-18 11:36:30 +02:00
add persistent session and users to access tokens
This commit is contained in:
@@ -1,6 +1,6 @@
|
||||
import { generateSessionToken } from "@server/auth/sessions/app";
|
||||
import { db } from "@server/db";
|
||||
import { Resource, resources } from "@server/db";
|
||||
import { Resource, resources, users } from "@server/db";
|
||||
import HttpCode from "@server/types/HttpCode";
|
||||
import response from "@server/lib/response";
|
||||
import { eq } from "drizzle-orm";
|
||||
@@ -156,11 +156,42 @@ export async function authWithAccessToken(
|
||||
doNotExtend: true
|
||||
});
|
||||
|
||||
let accessAuditUser: { username: string; userId: string } | undefined;
|
||||
if (tokenItem.userId) {
|
||||
const [associatedUser] = await db
|
||||
.select({
|
||||
userId: users.userId,
|
||||
username: users.username
|
||||
})
|
||||
.from(users)
|
||||
.where(eq(users.userId, tokenItem.userId))
|
||||
.limit(1);
|
||||
if (associatedUser) {
|
||||
accessAuditUser = {
|
||||
userId: associatedUser.userId,
|
||||
username: associatedUser.username
|
||||
};
|
||||
}
|
||||
}
|
||||
|
||||
logAccessAudit({
|
||||
orgId: resource.orgId,
|
||||
resourceId: resource.resourceId,
|
||||
action: true,
|
||||
type: "accessToken",
|
||||
apiKey: accessAuditUser
|
||||
? undefined
|
||||
: {
|
||||
name: tokenItem.title,
|
||||
apiKeyId: tokenItem.accessTokenId
|
||||
},
|
||||
user: accessAuditUser,
|
||||
metadata: accessAuditUser
|
||||
? {
|
||||
accessTokenId: tokenItem.accessTokenId,
|
||||
accessTokenTitle: tokenItem.title
|
||||
}
|
||||
: undefined,
|
||||
userAgent: req.headers["user-agent"],
|
||||
requestIp: req.ip
|
||||
});
|
||||
|
||||
Reference in New Issue
Block a user