Updated the method of api key creation.

ref #56
2020-12-29 20:49:45 +01:00 · 2020-12-29 20:49:45 +01:00 · 04813173e4
commit 04813173e4
parent c4270b0839
3 changed files with 35 additions and 4 deletions
--- a/src/models/actions/CreateStatsClient.ts
+++ b/src/models/actions/CreateStatsClient.ts
@ -1,5 +1,6 @@
 import * as argon2 from "argon2";
 import { IsBoolean, IsOptional, IsString } from 'class-validator';
+import crypto from 'crypto';
 import * as uuid from 'uuid';
 import { StatsClient } from '../entities/StatsClient';

@ -28,7 +29,12 @@ export class CreateStatsClient {
        let newClient: StatsClient = new StatsClient();

        newClient.description = this.description;
-        newClient.key = await argon2.hash(uuid.v4());
+
+        let newUUID = uuid.v4().toUpperCase();
+        newClient.prefix = crypto.createHash("sha3-512").update(newUUID).digest('hex').substring(0, 7).toUpperCase();
+        newClient.key = await argon2.hash(newClient.prefix + "." + newUUID);
+        newClient.cleartextkey = newClient.prefix + "." + newUUID;
+
        if (this.enabled === undefined || this.enabled === null) { newClient.enabled = true; }
        else { newClient.enabled = this.enabled }

--- a/src/models/entities/StatsClient.ts
+++ b/src/models/entities/StatsClient.ts
@ -31,11 +31,26 @@ export class StatsClient {
    enabled: boolean = true;

    /**
-     * The client's api key.
-     * This is used to authorize a statsClient against the api.
-     * It only grants access to the /stats/** routes.
+     * The client's api key prefix.
+     * This is used identitfy a client by it's api key.
+     */
+    @Column({ unique: true })
+    @IsString()
+    prefix: string;
+
+    /**
+     * The client's api key hash.
+     * The api key can be used to authenticate against the /stats/** routes.
     */
    @Column()
    @IsString()
    key: string;
+
+    /**
+     * The client's api key in plain text.
+     * This will only be used to display the full key on creation and updates.
+     */
+    @IsString()
+    @IsOptional()
+    cleartextkey?: string;
 }
--- a/src/models/responses/ResponseStatsClient.ts
+++ b/src/models/responses/ResponseStatsClient.ts
@ -3,6 +3,8 @@ import {

    IsInt,

+    IsNotEmpty,
+
    IsOptional,
    IsString
 } from "class-validator";
@ -39,6 +41,13 @@ export class ResponseStatsClient {
    @IsOptional()
    key: string;

+    /**
+     * The client's api key prefix.
+     */
+    @IsString()
+    @IsNotEmpty()
+    prefix: string;
+
    /**
     * Creates a ResponseStatsClient object from a statsClient.
     * @param client The statsClient the response shall be build for.
@ -47,6 +56,7 @@ export class ResponseStatsClient {
        this.id = client.id;
        this.description = client.description;
        this.enabled = client.enabled;
+        this.prefix = client.prefix;
        this.key = "Only visible on creation/update.";
    }
 }