@objectstack/plugin-auth 6.5.1 → 6.6.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.js +55 -0
- package/dist/index.js.map +1 -1
- package/dist/index.mjs +55 -0
- package/dist/index.mjs.map +1 -1
- package/package.json +4 -4
package/dist/index.js
CHANGED
|
@@ -1575,6 +1575,61 @@ var AuthPlugin = class {
|
|
|
1575
1575
|
return c.json({ success: false, error: { code: "internal", message: err.message } }, 500);
|
|
1576
1576
|
}
|
|
1577
1577
|
});
|
|
1578
|
+
rawApp.post(`${basePath}/admin/oauth2/toggle-disabled`, async (c) => {
|
|
1579
|
+
try {
|
|
1580
|
+
let body = {};
|
|
1581
|
+
try {
|
|
1582
|
+
body = await c.req.json();
|
|
1583
|
+
} catch {
|
|
1584
|
+
body = {};
|
|
1585
|
+
}
|
|
1586
|
+
const clientId = body?.client_id;
|
|
1587
|
+
const disabled = body?.disabled;
|
|
1588
|
+
if (typeof clientId !== "string" || clientId.length === 0) {
|
|
1589
|
+
return c.json({ success: false, error: { code: "invalid_request", message: "client_id is required" } }, 400);
|
|
1590
|
+
}
|
|
1591
|
+
if (typeof disabled !== "boolean") {
|
|
1592
|
+
return c.json({ success: false, error: { code: "invalid_request", message: "disabled must be a boolean" } }, 400);
|
|
1593
|
+
}
|
|
1594
|
+
const authApi = await this.authManager.getApi();
|
|
1595
|
+
const session = await authApi.getSession({ headers: c.req.raw.headers });
|
|
1596
|
+
if (!session?.user?.id) {
|
|
1597
|
+
return c.json({ success: false, error: { code: "unauthorized", message: "Sign in first" } }, 401);
|
|
1598
|
+
}
|
|
1599
|
+
if (session.user.role !== "admin") {
|
|
1600
|
+
return c.json({ success: false, error: { code: "forbidden", message: "Admin role required" } }, 403);
|
|
1601
|
+
}
|
|
1602
|
+
const dataEngine = this.authManager.getDataEngine();
|
|
1603
|
+
if (!dataEngine) {
|
|
1604
|
+
return c.json({ success: false, error: { code: "unavailable", message: "Data engine unavailable" } }, 503);
|
|
1605
|
+
}
|
|
1606
|
+
const existing = await dataEngine.findOne("sys_oauth_application", {
|
|
1607
|
+
where: { client_id: clientId }
|
|
1608
|
+
});
|
|
1609
|
+
if (!existing) {
|
|
1610
|
+
return c.json({ success: false, error: { code: "not_found", message: "OAuth client not found" } }, 404);
|
|
1611
|
+
}
|
|
1612
|
+
const updated = await dataEngine.update("sys_oauth_application", {
|
|
1613
|
+
id: existing.id,
|
|
1614
|
+
disabled,
|
|
1615
|
+
updated_at: new Date(Math.floor(Date.now() / 1e3) * 1e3)
|
|
1616
|
+
});
|
|
1617
|
+
if (!updated) {
|
|
1618
|
+
return c.json({ success: false, error: { code: "internal", message: "Unable to update OAuth client" } }, 500);
|
|
1619
|
+
}
|
|
1620
|
+
return c.json({
|
|
1621
|
+
success: true,
|
|
1622
|
+
data: {
|
|
1623
|
+
client_id: clientId,
|
|
1624
|
+
disabled
|
|
1625
|
+
}
|
|
1626
|
+
});
|
|
1627
|
+
} catch (error) {
|
|
1628
|
+
const err = error instanceof Error ? error : new Error(String(error));
|
|
1629
|
+
ctx.logger.error("[AuthPlugin] toggle-disabled failed", err);
|
|
1630
|
+
return c.json({ success: false, error: { code: "internal", message: err.message } }, 500);
|
|
1631
|
+
}
|
|
1632
|
+
});
|
|
1578
1633
|
rawApp.all(`${basePath}/*`, async (c) => {
|
|
1579
1634
|
try {
|
|
1580
1635
|
const response = await this.authManager.handleRequest(c.req.raw);
|