axvault 1.11.2 → 1.11.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +3 -1
- package/dist/cli.js +1 -0
- package/dist/cli.js.map +1 -1
- package/dist/commands/serve.d.ts +1 -0
- package/dist/commands/serve.d.ts.map +1 -1
- package/dist/commands/serve.js +34 -22
- package/dist/commands/serve.js.map +1 -1
- package/dist/config.d.ts +2 -0
- package/dist/config.d.ts.map +1 -1
- package/dist/config.js +15 -0
- package/dist/config.js.map +1 -1
- package/dist/handlers/create-key.d.ts +5 -2
- package/dist/handlers/create-key.d.ts.map +1 -1
- package/dist/handlers/create-key.js +7 -46
- package/dist/handlers/create-key.js.map +1 -1
- package/dist/handlers/delete-credential.d.ts +6 -6
- package/dist/handlers/delete-credential.d.ts.map +1 -1
- package/dist/handlers/delete-credential.js +5 -6
- package/dist/handlers/delete-credential.js.map +1 -1
- package/dist/handlers/delete-key.d.ts +6 -6
- package/dist/handlers/delete-key.d.ts.map +1 -1
- package/dist/handlers/delete-key.js +4 -4
- package/dist/handlers/delete-key.js.map +1 -1
- package/dist/handlers/get-credential.d.ts +6 -4
- package/dist/handlers/get-credential.d.ts.map +1 -1
- package/dist/handlers/get-credential.js +10 -14
- package/dist/handlers/get-credential.js.map +1 -1
- package/dist/handlers/get-key.d.ts +6 -6
- package/dist/handlers/get-key.d.ts.map +1 -1
- package/dist/handlers/get-key.js +3 -3
- package/dist/handlers/get-key.js.map +1 -1
- package/dist/handlers/list-credentials.d.ts +6 -5
- package/dist/handlers/list-credentials.d.ts.map +1 -1
- package/dist/handlers/list-credentials.js +9 -47
- package/dist/handlers/list-credentials.js.map +1 -1
- package/dist/handlers/list-keys.d.ts +2 -2
- package/dist/handlers/list-keys.d.ts.map +1 -1
- package/dist/handlers/list-keys.js +2 -2
- package/dist/handlers/list-keys.js.map +1 -1
- package/dist/handlers/put-credential.d.ts +7 -6
- package/dist/handlers/put-credential.d.ts.map +1 -1
- package/dist/handlers/put-credential.js +6 -22
- package/dist/handlers/put-credential.js.map +1 -1
- package/dist/handlers/refresh-credential-on-read.d.ts +3 -0
- package/dist/handlers/refresh-credential-on-read.d.ts.map +1 -1
- package/dist/handlers/refresh-credential-on-read.js +1 -1
- package/dist/handlers/refresh-credential-on-read.js.map +1 -1
- package/dist/handlers/update-key.d.ts +8 -6
- package/dist/handlers/update-key.d.ts.map +1 -1
- package/dist/handlers/update-key.js +7 -47
- package/dist/handlers/update-key.js.map +1 -1
- package/dist/index.d.ts +1 -1
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +1 -1
- package/dist/index.js.map +1 -1
- package/dist/middleware/auth.d.ts +9 -9
- package/dist/middleware/auth.d.ts.map +1 -1
- package/dist/middleware/auth.js +7 -10
- package/dist/middleware/auth.js.map +1 -1
- package/dist/middleware/require-grant-access.d.ts +3 -3
- package/dist/middleware/require-grant-access.d.ts.map +1 -1
- package/dist/middleware/require-grant-access.js +4 -7
- package/dist/middleware/require-grant-access.js.map +1 -1
- package/dist/schemas/api.d.ts +109 -0
- package/dist/schemas/api.d.ts.map +1 -0
- package/dist/schemas/api.js +119 -0
- package/dist/schemas/api.js.map +1 -0
- package/dist/server/routes.d.ts +9 -10
- package/dist/server/routes.d.ts.map +1 -1
- package/dist/server/routes.js +182 -52
- package/dist/server/routes.js.map +1 -1
- package/dist/server/server.d.ts +10 -6
- package/dist/server/server.d.ts.map +1 -1
- package/dist/server/server.js +103 -88
- package/dist/server/server.js.map +1 -1
- package/package.json +7 -3
- package/dist/middleware/validate-key-id.d.ts +0 -10
- package/dist/middleware/validate-key-id.d.ts.map +0 -1
- package/dist/middleware/validate-key-id.js +0 -20
- package/dist/middleware/validate-key-id.js.map +0 -1
- package/dist/middleware/validate-parameters.d.ts +0 -11
- package/dist/middleware/validate-parameters.d.ts.map +0 -1
- package/dist/middleware/validate-parameters.js +0 -20
- package/dist/middleware/validate-parameters.js.map +0 -1
package/README.md
CHANGED
|
@@ -94,6 +94,7 @@ or list/delete stored credentials. List commands output TSV by default; add
|
|
|
94
94
|
| `AXVAULT_ENCRYPTION_KEY` | Encryption key (min 32 chars, required) | — |
|
|
95
95
|
| `AXVAULT_REFRESH_THRESHOLD` | Refresh credentials expiring within this many seconds (0 to disable) | `3600` |
|
|
96
96
|
| `AXVAULT_REFRESH_TIMEOUT_MS` | Timeout for refresh operations in milliseconds | `30000` |
|
|
97
|
+
| `AXVAULT_LOG_LEVEL` | Log level (trace, debug, info, warn, error, fatal, silent) | `info` |
|
|
97
98
|
|
|
98
99
|
### CLI Flags
|
|
99
100
|
|
|
@@ -105,7 +106,8 @@ npx -y axvault serve \
|
|
|
105
106
|
--host 0.0.0.0 \
|
|
106
107
|
--db-path /data/vault.db \
|
|
107
108
|
--refresh-threshold 7200 \
|
|
108
|
-
--refresh-timeout 60000
|
|
109
|
+
--refresh-timeout 60000 \
|
|
110
|
+
--log-level debug
|
|
109
111
|
```
|
|
110
112
|
|
|
111
113
|
Setting `--refresh-threshold 0` disables automatic credential refresh.
|
package/dist/cli.js
CHANGED
|
@@ -68,6 +68,7 @@ program
|
|
|
68
68
|
.option("--db-path <path>", "Database file path")
|
|
69
69
|
.option("--refresh-threshold <seconds>", "Refresh credentials expiring within this many seconds (0 to disable)")
|
|
70
70
|
.option("--refresh-timeout <ms>", "Timeout for refresh operations in milliseconds")
|
|
71
|
+
.option("--log-level <level>", "Log level (trace, debug, info, warn, error, fatal, silent)")
|
|
71
72
|
.option("-v, --verbose", "Enable verbose output")
|
|
72
73
|
.action(handleServe);
|
|
73
74
|
// API key management commands
|
package/dist/cli.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"cli.js","sourceRoot":"","sources":["../src/cli.ts"],"names":[],"mappings":";AACA;;;;GAIG;AAEH,OAAO,EAAE,OAAO,EAAE,MAAM,6BAA6B,CAAC;AAEtD,OAAO,WAAW,MAAM,iBAAiB,CAAC,OAAO,IAAI,EAAE,MAAM,EAAE,CAAC;AAChE,OAAO,EACL,sBAAsB,EACtB,oBAAoB,GACrB,MAAM,0BAA0B,CAAC;AAClC,OAAO,EAAE,UAAU,EAAE,MAAM,oBAAoB,CAAC;AAChD,OAAO,EACL,eAAe,EACf,aAAa,EACb,eAAe,EACf,eAAe,GAChB,MAAM,mBAAmB,CAAC;AAC3B,OAAO,EAAE,WAAW,EAAE,MAAM,qBAAqB,CAAC;AAElD,MAAM,OAAO,GAAG,IAAI,OAAO,EAAE;KAC1B,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC;KACtB,WAAW,CAAC,WAAW,CAAC,WAAW,CAAC;KACpC,OAAO,CAAC,WAAW,CAAC,OAAO,EAAE,eAAe,CAAC;KAC7C,kBAAkB,CAAC,yCAAyC,CAAC;KAC7D,wBAAwB,EAAE;KAC1B,WAAW,CAAC,KAAK,CAAC;KAClB,WAAW,CACV,OAAO,EACP,MAAM,CAAC,GAAG,CAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;gDAoCkC,CAC7C,CAAC;AAEJ,OAAO;KACJ,OAAO,CAAC,MAAM,CAAC;KACf,WAAW,CAAC,uCAAuC,CAAC;KACpD,MAAM,CAAC,kBAAkB,EAAE,oBAAoB,CAAC;KAChD,MAAM,CAAC,eAAe,EAAE,uBAAuB,CAAC;KAChD,MAAM,CAAC,UAAU,CAAC,CAAC;AAEtB,OAAO;KACJ,OAAO,CAAC,OAAO,CAAC;KAChB,WAAW,CAAC,wBAAwB,CAAC;KACrC,MAAM,CAAC,mBAAmB,EAAE,mBAAmB,CAAC;KAChD,MAAM,CAAC,mBAAmB,EAAE,iBAAiB,CAAC;KAC9C,MAAM,CAAC,kBAAkB,EAAE,oBAAoB,CAAC;KAChD,MAAM,CACL,+BAA+B,EAC/B,sEAAsE,CACvE;KACA,MAAM,CACL,wBAAwB,EACxB,gDAAgD,CACjD;KACA,MAAM,CAAC,eAAe,EAAE,uBAAuB,CAAC;KAChD,MAAM,CAAC,WAAW,CAAC,CAAC;AAEvB,8BAA8B;AAC9B,MAAM,UAAU,GAAG,OAAO;KACvB,OAAO,CAAC,KAAK,CAAC;KACd,WAAW,CAAC,iBAAiB,CAAC;KAC9B,WAAW,CAAC,KAAK,CAAC,CAAC;AAEtB,UAAU;KACP,OAAO,CAAC,QAAQ,CAAC;KACjB,WAAW,CAAC,sBAAsB,CAAC;KACnC,cAAc,CAAC,mBAAmB,EAAE,sBAAsB,CAAC;KAC3D,MAAM,CACL,qBAAqB,EACrB,wEAAwE,CACzE;KACA,MAAM,CACL,sBAAsB,EACtB,8DAA8D,CAC/D;KACA,MAAM,CACL,sBAAsB,EACtB,sEAAsE,CACvE;KACA,MAAM,CAAC,QAAQ,EAAE,gBAAgB,CAAC;KAClC,MAAM,CAAC,kBAAkB,EAAE,oBAAoB,CAAC;KAChD,MAAM,CAAC,eAAe,CAAC,CAAC;AAE3B,UAAU;KACP,OAAO,CAAC,MAAM,CAAC;KACf,WAAW,CAAC,mBAAmB,CAAC;KAChC,MAAM,CAAC,QAAQ,EAAE,gBAAgB,CAAC;KAClC,MAAM,CAAC,kBAAkB,EAAE,oBAAoB,CAAC;KAChD,MAAM,CAAC,aAAa,CAAC,CAAC;AAEzB,UAAU;KACP,OAAO,CAAC,QAAQ,CAAC;KACjB,WAAW,CAAC,mBAAmB,CAAC;KAChC,QAAQ,CAAC,MAAM,EAAE,mCAAmC,CAAC;KACrD,MAAM,CAAC,aAAa,EAAE,4BAA4B,CAAC;KACnD,MAAM,CAAC,WAAW,EAAE,mBAAmB,CAAC;KACxC,MAAM,CAAC,eAAe,EAAE,uBAAuB,CAAC;KAChD,MAAM,CAAC,kBAAkB,EAAE,oBAAoB,CAAC;KAChD,MAAM,CAAC,eAAe,CAAC,CAAC;AAE3B,UAAU;KACP,OAAO,CAAC,QAAQ,CAAC;KACjB,WAAW,CAAC,iCAAiC,CAAC;KAC9C,QAAQ,CAAC,MAAM,EAAE,mCAAmC,CAAC;KACrD,MAAM,CAAC,qBAAqB,EAAE,yBAAyB,CAAC;KACxD,MAAM,CAAC,sBAAsB,EAAE,0BAA0B,CAAC;KAC1D,MAAM,CAAC,sBAAsB,EAAE,0BAA0B,CAAC;KAC1D,MAAM,CAAC,wBAAwB,EAAE,4BAA4B,CAAC;KAC9D,MAAM,CAAC,yBAAyB,EAAE,6BAA6B,CAAC;KAChE,MAAM,CAAC,yBAAyB,EAAE,6BAA6B,CAAC;KAChE,MAAM,CAAC,QAAQ,EAAE,gBAAgB,CAAC;KAClC,MAAM,CAAC,eAAe,EAAE,uBAAuB,CAAC;KAChD,MAAM,CAAC,kBAAkB,EAAE,oBAAoB,CAAC;KAChD,MAAM,CAAC,eAAe,CAAC,CAAC;AAE3B,iCAAiC;AACjC,MAAM,iBAAiB,GAAG,OAAO;KAC9B,OAAO,CAAC,YAAY,CAAC;KACrB,WAAW,CAAC,2BAA2B,CAAC;KACxC,WAAW,CAAC,KAAK,CAAC,CAAC;AAEtB,iBAAiB;KACd,OAAO,CAAC,MAAM,CAAC;KACf,WAAW,CAAC,6BAA6B,CAAC;KAC1C,MAAM,CAAC,QAAQ,EAAE,gBAAgB,CAAC;KAClC,MAAM,CAAC,kBAAkB,EAAE,oBAAoB,CAAC;KAChD,MAAM,CAAC,oBAAoB,CAAC,CAAC;AAEhC,iBAAiB;KACd,OAAO,CAAC,QAAQ,CAAC;KACjB,WAAW,CAAC,qBAAqB,CAAC;KAClC,QAAQ,CAAC,QAAQ,EAAE,qCAAqC,CAAC;KACzD,MAAM,CAAC,aAAa,EAAE,4BAA4B,CAAC;KACnD,MAAM,CAAC,WAAW,EAAE,mBAAmB,CAAC;KACxC,MAAM,CAAC,eAAe,EAAE,uBAAuB,CAAC;KAChD,MAAM,CAAC,kBAAkB,EAAE,oBAAoB,CAAC;KAChD,MAAM,CAAC,sBAAsB,CAAC,CAAC;AAElC,MAAM,OAAO,CAAC,UAAU,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC"}
|
|
1
|
+
{"version":3,"file":"cli.js","sourceRoot":"","sources":["../src/cli.ts"],"names":[],"mappings":";AACA;;;;GAIG;AAEH,OAAO,EAAE,OAAO,EAAE,MAAM,6BAA6B,CAAC;AAEtD,OAAO,WAAW,MAAM,iBAAiB,CAAC,OAAO,IAAI,EAAE,MAAM,EAAE,CAAC;AAChE,OAAO,EACL,sBAAsB,EACtB,oBAAoB,GACrB,MAAM,0BAA0B,CAAC;AAClC,OAAO,EAAE,UAAU,EAAE,MAAM,oBAAoB,CAAC;AAChD,OAAO,EACL,eAAe,EACf,aAAa,EACb,eAAe,EACf,eAAe,GAChB,MAAM,mBAAmB,CAAC;AAC3B,OAAO,EAAE,WAAW,EAAE,MAAM,qBAAqB,CAAC;AAElD,MAAM,OAAO,GAAG,IAAI,OAAO,EAAE;KAC1B,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC;KACtB,WAAW,CAAC,WAAW,CAAC,WAAW,CAAC;KACpC,OAAO,CAAC,WAAW,CAAC,OAAO,EAAE,eAAe,CAAC;KAC7C,kBAAkB,CAAC,yCAAyC,CAAC;KAC7D,wBAAwB,EAAE;KAC1B,WAAW,CAAC,KAAK,CAAC;KAClB,WAAW,CACV,OAAO,EACP,MAAM,CAAC,GAAG,CAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;gDAoCkC,CAC7C,CAAC;AAEJ,OAAO;KACJ,OAAO,CAAC,MAAM,CAAC;KACf,WAAW,CAAC,uCAAuC,CAAC;KACpD,MAAM,CAAC,kBAAkB,EAAE,oBAAoB,CAAC;KAChD,MAAM,CAAC,eAAe,EAAE,uBAAuB,CAAC;KAChD,MAAM,CAAC,UAAU,CAAC,CAAC;AAEtB,OAAO;KACJ,OAAO,CAAC,OAAO,CAAC;KAChB,WAAW,CAAC,wBAAwB,CAAC;KACrC,MAAM,CAAC,mBAAmB,EAAE,mBAAmB,CAAC;KAChD,MAAM,CAAC,mBAAmB,EAAE,iBAAiB,CAAC;KAC9C,MAAM,CAAC,kBAAkB,EAAE,oBAAoB,CAAC;KAChD,MAAM,CACL,+BAA+B,EAC/B,sEAAsE,CACvE;KACA,MAAM,CACL,wBAAwB,EACxB,gDAAgD,CACjD;KACA,MAAM,CACL,qBAAqB,EACrB,4DAA4D,CAC7D;KACA,MAAM,CAAC,eAAe,EAAE,uBAAuB,CAAC;KAChD,MAAM,CAAC,WAAW,CAAC,CAAC;AAEvB,8BAA8B;AAC9B,MAAM,UAAU,GAAG,OAAO;KACvB,OAAO,CAAC,KAAK,CAAC;KACd,WAAW,CAAC,iBAAiB,CAAC;KAC9B,WAAW,CAAC,KAAK,CAAC,CAAC;AAEtB,UAAU;KACP,OAAO,CAAC,QAAQ,CAAC;KACjB,WAAW,CAAC,sBAAsB,CAAC;KACnC,cAAc,CAAC,mBAAmB,EAAE,sBAAsB,CAAC;KAC3D,MAAM,CACL,qBAAqB,EACrB,wEAAwE,CACzE;KACA,MAAM,CACL,sBAAsB,EACtB,8DAA8D,CAC/D;KACA,MAAM,CACL,sBAAsB,EACtB,sEAAsE,CACvE;KACA,MAAM,CAAC,QAAQ,EAAE,gBAAgB,CAAC;KAClC,MAAM,CAAC,kBAAkB,EAAE,oBAAoB,CAAC;KAChD,MAAM,CAAC,eAAe,CAAC,CAAC;AAE3B,UAAU;KACP,OAAO,CAAC,MAAM,CAAC;KACf,WAAW,CAAC,mBAAmB,CAAC;KAChC,MAAM,CAAC,QAAQ,EAAE,gBAAgB,CAAC;KAClC,MAAM,CAAC,kBAAkB,EAAE,oBAAoB,CAAC;KAChD,MAAM,CAAC,aAAa,CAAC,CAAC;AAEzB,UAAU;KACP,OAAO,CAAC,QAAQ,CAAC;KACjB,WAAW,CAAC,mBAAmB,CAAC;KAChC,QAAQ,CAAC,MAAM,EAAE,mCAAmC,CAAC;KACrD,MAAM,CAAC,aAAa,EAAE,4BAA4B,CAAC;KACnD,MAAM,CAAC,WAAW,EAAE,mBAAmB,CAAC;KACxC,MAAM,CAAC,eAAe,EAAE,uBAAuB,CAAC;KAChD,MAAM,CAAC,kBAAkB,EAAE,oBAAoB,CAAC;KAChD,MAAM,CAAC,eAAe,CAAC,CAAC;AAE3B,UAAU;KACP,OAAO,CAAC,QAAQ,CAAC;KACjB,WAAW,CAAC,iCAAiC,CAAC;KAC9C,QAAQ,CAAC,MAAM,EAAE,mCAAmC,CAAC;KACrD,MAAM,CAAC,qBAAqB,EAAE,yBAAyB,CAAC;KACxD,MAAM,CAAC,sBAAsB,EAAE,0BAA0B,CAAC;KAC1D,MAAM,CAAC,sBAAsB,EAAE,0BAA0B,CAAC;KAC1D,MAAM,CAAC,wBAAwB,EAAE,4BAA4B,CAAC;KAC9D,MAAM,CAAC,yBAAyB,EAAE,6BAA6B,CAAC;KAChE,MAAM,CAAC,yBAAyB,EAAE,6BAA6B,CAAC;KAChE,MAAM,CAAC,QAAQ,EAAE,gBAAgB,CAAC;KAClC,MAAM,CAAC,eAAe,EAAE,uBAAuB,CAAC;KAChD,MAAM,CAAC,kBAAkB,EAAE,oBAAoB,CAAC;KAChD,MAAM,CAAC,eAAe,CAAC,CAAC;AAE3B,iCAAiC;AACjC,MAAM,iBAAiB,GAAG,OAAO;KAC9B,OAAO,CAAC,YAAY,CAAC;KACrB,WAAW,CAAC,2BAA2B,CAAC;KACxC,WAAW,CAAC,KAAK,CAAC,CAAC;AAEtB,iBAAiB;KACd,OAAO,CAAC,MAAM,CAAC;KACf,WAAW,CAAC,6BAA6B,CAAC;KAC1C,MAAM,CAAC,QAAQ,EAAE,gBAAgB,CAAC;KAClC,MAAM,CAAC,kBAAkB,EAAE,oBAAoB,CAAC;KAChD,MAAM,CAAC,oBAAoB,CAAC,CAAC;AAEhC,iBAAiB;KACd,OAAO,CAAC,QAAQ,CAAC;KACjB,WAAW,CAAC,qBAAqB,CAAC;KAClC,QAAQ,CAAC,QAAQ,EAAE,qCAAqC,CAAC;KACzD,MAAM,CAAC,aAAa,EAAE,4BAA4B,CAAC;KACnD,MAAM,CAAC,WAAW,EAAE,mBAAmB,CAAC;KACxC,MAAM,CAAC,eAAe,EAAE,uBAAuB,CAAC;KAChD,MAAM,CAAC,kBAAkB,EAAE,oBAAoB,CAAC;KAChD,MAAM,CAAC,sBAAsB,CAAC,CAAC;AAElC,MAAM,OAAO,CAAC,UAAU,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC"}
|
package/dist/commands/serve.d.ts
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"serve.d.ts","sourceRoot":"","sources":["../../src/commands/serve.ts"],"names":[],"mappings":"AAAA;;GAEG;
|
|
1
|
+
{"version":3,"file":"serve.d.ts","sourceRoot":"","sources":["../../src/commands/serve.ts"],"names":[],"mappings":"AAAA;;GAEG;AAiBH,UAAU,YAAY;IACpB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,OAAO,CAAC,EAAE,OAAO,CAAC;CACnB;AAED,wBAAsB,WAAW,CAAC,OAAO,EAAE,YAAY,GAAG,OAAO,CAAC,IAAI,CAAC,CA+GtE"}
|
package/dist/commands/serve.js
CHANGED
|
@@ -3,10 +3,11 @@
|
|
|
3
3
|
*/
|
|
4
4
|
import { existsSync, mkdirSync } from "node:fs";
|
|
5
5
|
import path from "node:path";
|
|
6
|
+
import closeWithGrace from "close-with-grace";
|
|
6
7
|
import { getServerConfig } from "../config.js";
|
|
7
8
|
import { getDatabase, closeDatabase } from "../db/client.js";
|
|
8
9
|
import { runMigrations } from "../db/migrations.js";
|
|
9
|
-
import {
|
|
10
|
+
import { createHealthPlugin, createCredentialPlugin, createKeyPlugin, } from "../server/routes.js";
|
|
10
11
|
import { createServer } from "../server/server.js";
|
|
11
12
|
export async function handleServe(options) {
|
|
12
13
|
let config;
|
|
@@ -18,6 +19,7 @@ export async function handleServe(options) {
|
|
|
18
19
|
dbPath: options.dbPath,
|
|
19
20
|
refreshThresholdSeconds: options.refreshThreshold,
|
|
20
21
|
refreshTimeoutMs: options.refreshTimeout,
|
|
22
|
+
logLevel: options.logLevel,
|
|
21
23
|
});
|
|
22
24
|
}
|
|
23
25
|
catch (error) {
|
|
@@ -61,32 +63,42 @@ export async function handleServe(options) {
|
|
|
61
63
|
// eslint-disable-next-line unicorn/no-process-exit -- CLI startup failure
|
|
62
64
|
process.exit(1);
|
|
63
65
|
}
|
|
64
|
-
// Create server with
|
|
66
|
+
// Create server with plugins
|
|
65
67
|
const server = createServer(config, [
|
|
66
|
-
|
|
67
|
-
|
|
68
|
+
createHealthPlugin(),
|
|
69
|
+
createCredentialPlugin(database, {
|
|
68
70
|
refreshThresholdSeconds: config.refreshThresholdSeconds,
|
|
69
71
|
refreshTimeoutMs: config.refreshTimeoutMs,
|
|
70
72
|
}),
|
|
71
|
-
|
|
73
|
+
createKeyPlugin(database),
|
|
72
74
|
]);
|
|
73
|
-
// Graceful shutdown
|
|
74
|
-
|
|
75
|
-
|
|
76
|
-
|
|
77
|
-
|
|
78
|
-
|
|
79
|
-
|
|
80
|
-
|
|
81
|
-
|
|
82
|
-
|
|
83
|
-
|
|
84
|
-
|
|
85
|
-
|
|
86
|
-
|
|
87
|
-
|
|
88
|
-
|
|
89
|
-
|
|
75
|
+
// Graceful shutdown with close-with-grace.
|
|
76
|
+
// The composition root owns both the server and the database, so it is
|
|
77
|
+
// responsible for closing both in the correct order.
|
|
78
|
+
closeWithGrace({
|
|
79
|
+
delay: 5000,
|
|
80
|
+
logger: false,
|
|
81
|
+
}, async ({ signal, err }) => {
|
|
82
|
+
try {
|
|
83
|
+
if (err) {
|
|
84
|
+
server.app.log.error({ err, signal }, "Shutting down due to error");
|
|
85
|
+
}
|
|
86
|
+
else if (verbose) {
|
|
87
|
+
server.app.log.info({ signal }, "Shutting down...");
|
|
88
|
+
}
|
|
89
|
+
}
|
|
90
|
+
catch {
|
|
91
|
+
// Server not started yet; use console.error as fallback
|
|
92
|
+
if (err) {
|
|
93
|
+
console.error("Shutting down due to error:", err);
|
|
94
|
+
}
|
|
95
|
+
else if (verbose) {
|
|
96
|
+
console.error(`Shutting down (signal: ${signal})...`);
|
|
97
|
+
}
|
|
98
|
+
}
|
|
99
|
+
await server.stop();
|
|
100
|
+
closeDatabase();
|
|
101
|
+
});
|
|
90
102
|
try {
|
|
91
103
|
await server.start();
|
|
92
104
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"serve.js","sourceRoot":"","sources":["../../src/commands/serve.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,UAAU,EAAE,SAAS,EAAE,MAAM,SAAS,CAAC;AAChD,OAAO,IAAI,MAAM,WAAW,CAAC;AAE7B,OAAO,EAAE,eAAe,EAAE,MAAM,cAAc,CAAC;AAC/C,OAAO,EAAE,WAAW,EAAE,aAAa,EAAE,MAAM,iBAAiB,CAAC;AAC7D,OAAO,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAC;AACpD,OAAO,EACL,kBAAkB,EAClB,sBAAsB,EACtB,eAAe,GAChB,MAAM,qBAAqB,CAAC;AAC7B,OAAO,EAAE,YAAY,EAAE,MAAM,qBAAqB,CAAC;
|
|
1
|
+
{"version":3,"file":"serve.js","sourceRoot":"","sources":["../../src/commands/serve.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,UAAU,EAAE,SAAS,EAAE,MAAM,SAAS,CAAC;AAChD,OAAO,IAAI,MAAM,WAAW,CAAC;AAE7B,OAAO,cAAc,MAAM,kBAAkB,CAAC;AAE9C,OAAO,EAAE,eAAe,EAAE,MAAM,cAAc,CAAC;AAC/C,OAAO,EAAE,WAAW,EAAE,aAAa,EAAE,MAAM,iBAAiB,CAAC;AAC7D,OAAO,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAC;AACpD,OAAO,EACL,kBAAkB,EAClB,sBAAsB,EACtB,eAAe,GAChB,MAAM,qBAAqB,CAAC;AAC7B,OAAO,EAAE,YAAY,EAAE,MAAM,qBAAqB,CAAC;AAYnD,MAAM,CAAC,KAAK,UAAU,WAAW,CAAC,OAAqB;IACrD,IAAI,MAAM,CAAC;IACX,MAAM,OAAO,GAAG,OAAO,CAAC,OAAO,KAAK,IAAI,CAAC;IACzC,IAAI,CAAC;QACH,MAAM,GAAG,eAAe,CAAC;YACvB,IAAI,EAAE,OAAO,CAAC,IAAI;YAClB,IAAI,EAAE,OAAO,CAAC,IAAI;YAClB,MAAM,EAAE,OAAO,CAAC,MAAM;YACtB,uBAAuB,EAAE,OAAO,CAAC,gBAAgB;YACjD,gBAAgB,EAAE,OAAO,CAAC,cAAc;YACxC,QAAQ,EAAE,OAAO,CAAC,QAAQ;SAC3B,CAAC,CAAC;IACL,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,OAAO,GAAG,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QACvE,OAAO,CAAC,KAAK,CAAC,UAAU,OAAO,EAAE,CAAC,CAAC;QACnC,uEAAuE;QACvE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,8BAA8B;IAC9B,MAAM,aAAa,GAAG,OAAO,CAAC,GAAG,CAAC,wBAAwB,CAAC,CAAC;IAC5D,IAAI,CAAC,aAAa,IAAI,aAAa,CAAC,MAAM,GAAG,EAAE,EAAE,CAAC;QAChD,OAAO,CAAC,KAAK,CACX,qEAAqE,CACtE,CAAC;QACF,uEAAuE;QACvE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,+EAA+E;IAC/E,MAAM,aAAa,GAAG,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;IACxD,IAAI,CAAC,UAAU,CAAC,aAAa,CAAC,EAAE,CAAC;QAC/B,IAAI,CAAC;YACH,SAAS,CAAC,aAAa,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;YAC9C,IAAI,OAAO;gBAAE,OAAO,CAAC,KAAK,CAAC,2BAA2B,aAAa,EAAE,CAAC,CAAC;QACzE,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,OAAO,GAAG,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;YACvE,OAAO,CAAC,KAAK,CACX,oCAAoC,aAAa,MAAM,OAAO,EAAE,CACjE,CAAC;YACF,0EAA0E;YAC1E,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;IACH,CAAC;IAED,sBAAsB;IACtB,IAAI,QAAQ,CAAC;IACb,IAAI,CAAC;QACH,QAAQ,GAAG,WAAW,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;QAC5C,aAAa,CAAC,QAAQ,CAAC,CAAC;IAC1B,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,OAAO,GAAG,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QACvE,OAAO,CAAC,KAAK,CAAC,kCAAkC,OAAO,EAAE,CAAC,CAAC;QAC3D,OAAO,CAAC,KAAK,CACX,iDAAiD,MAAM,CAAC,YAAY,gBAAgB,CACrF,CAAC;QACF,0EAA0E;QAC1E,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,6BAA6B;IAC7B,MAAM,MAAM,GAAG,YAAY,CAAC,MAAM,EAAE;QAClC,kBAAkB,EAAE;QACpB,sBAAsB,CAAC,QAAQ,EAAE;YAC/B,uBAAuB,EAAE,MAAM,CAAC,uBAAuB;YACvD,gBAAgB,EAAE,MAAM,CAAC,gBAAgB;SAC1C,CAAC;QACF,eAAe,CAAC,QAAQ,CAAC;KAC1B,CAAC,CAAC;IAEH,2CAA2C;IAC3C,uEAAuE;IACvE,qDAAqD;IACrD,cAAc,CACZ;QACE,KAAK,EAAE,IAAI;QACX,MAAM,EAAE,KAAK;KACd,EACD,KAAK,EAAE,EAAE,MAAM,EAAE,GAAG,EAAE,EAAE,EAAE;QACxB,IAAI,CAAC;YACH,IAAI,GAAG,EAAE,CAAC;gBACR,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE,GAAG,EAAE,MAAM,EAAE,EAAE,4BAA4B,CAAC,CAAC;YACtE,CAAC;iBAAM,IAAI,OAAO,EAAE,CAAC;gBACnB,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,EAAE,kBAAkB,CAAC,CAAC;YACtD,CAAC;QACH,CAAC;QAAC,MAAM,CAAC;YACP,wDAAwD;YACxD,IAAI,GAAG,EAAE,CAAC;gBACR,OAAO,CAAC,KAAK,CAAC,6BAA6B,EAAE,GAAG,CAAC,CAAC;YACpD,CAAC;iBAAM,IAAI,OAAO,EAAE,CAAC;gBACnB,OAAO,CAAC,KAAK,CAAC,0BAA0B,MAAM,MAAM,CAAC,CAAC;YACxD,CAAC;QACH,CAAC;QAED,MAAM,MAAM,CAAC,IAAI,EAAE,CAAC;QACpB,aAAa,EAAE,CAAC;IAClB,CAAC,CACF,CAAC;IAEF,IAAI,CAAC;QACH,MAAM,MAAM,CAAC,KAAK,EAAE,CAAC;IACvB,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,OAAO,GAAG,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QACvE,OAAO,CAAC,KAAK,CACX,oCAAoC,MAAM,CAAC,IAAI,IAAI,MAAM,CAAC,IAAI,GAAG,EACjE,OAAO,CACR,CAAC;QACF,aAAa,EAAE,CAAC;QAChB,0EAA0E;QAC1E,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;AACH,CAAC"}
|
package/dist/config.d.ts
CHANGED
|
@@ -9,6 +9,7 @@ export interface ServerConfig {
|
|
|
9
9
|
databasePath: string;
|
|
10
10
|
refreshThresholdSeconds: number;
|
|
11
11
|
refreshTimeoutMs: number;
|
|
12
|
+
logLevel: string;
|
|
12
13
|
}
|
|
13
14
|
interface ConfigOverrides {
|
|
14
15
|
port?: string;
|
|
@@ -16,6 +17,7 @@ interface ConfigOverrides {
|
|
|
16
17
|
dbPath?: string;
|
|
17
18
|
refreshThresholdSeconds?: string;
|
|
18
19
|
refreshTimeoutMs?: string;
|
|
20
|
+
logLevel?: string;
|
|
19
21
|
}
|
|
20
22
|
/** Parse config from environment and CLI overrides */
|
|
21
23
|
export declare function getServerConfig(overrides?: ConfigOverrides): ServerConfig;
|
package/dist/config.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"config.d.ts","sourceRoot":"","sources":["../src/config.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,MAAM,WAAW,YAAY;IAC3B,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,CAAC;IACb,YAAY,EAAE,MAAM,CAAC;IACrB,uBAAuB,EAAE,MAAM,CAAC;IAChC,gBAAgB,EAAE,MAAM,CAAC;
|
|
1
|
+
{"version":3,"file":"config.d.ts","sourceRoot":"","sources":["../src/config.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,MAAM,WAAW,YAAY;IAC3B,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,CAAC;IACb,YAAY,EAAE,MAAM,CAAC;IACrB,uBAAuB,EAAE,MAAM,CAAC;IAChC,gBAAgB,EAAE,MAAM,CAAC;IACzB,QAAQ,EAAE,MAAM,CAAC;CAClB;AAED,UAAU,eAAe;IACvB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,uBAAuB,CAAC,EAAE,MAAM,CAAC;IACjC,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB;AAmBD,sDAAsD;AACtD,wBAAgB,eAAe,CAAC,SAAS,GAAE,eAAoB,GAAG,YAAY,CAkC7E"}
|
package/dist/config.js
CHANGED
|
@@ -8,6 +8,16 @@ const DEFAULT_HOST = "127.0.0.1";
|
|
|
8
8
|
const DEFAULT_DATABASE_PATH = "./data/axvault.db";
|
|
9
9
|
const DEFAULT_REFRESH_THRESHOLD_SECONDS = 3600; // 1 hour
|
|
10
10
|
const DEFAULT_REFRESH_TIMEOUT_MS = 30_000; // 30 seconds
|
|
11
|
+
const DEFAULT_LOG_LEVEL = "info";
|
|
12
|
+
const VALID_LOG_LEVELS = [
|
|
13
|
+
"trace",
|
|
14
|
+
"debug",
|
|
15
|
+
"info",
|
|
16
|
+
"warn",
|
|
17
|
+
"error",
|
|
18
|
+
"fatal",
|
|
19
|
+
"silent",
|
|
20
|
+
];
|
|
11
21
|
/** Parse config from environment and CLI overrides */
|
|
12
22
|
export function getServerConfig(overrides = {}) {
|
|
13
23
|
const port = parsePort(overrides.port ?? process.env.AXVAULT_PORT);
|
|
@@ -15,12 +25,17 @@ export function getServerConfig(overrides = {}) {
|
|
|
15
25
|
const databasePath = overrides.dbPath ?? process.env.AXVAULT_DB_PATH ?? DEFAULT_DATABASE_PATH;
|
|
16
26
|
const refreshThresholdSeconds = parseNonNegativeInt(overrides.refreshThresholdSeconds ?? process.env.AXVAULT_REFRESH_THRESHOLD, DEFAULT_REFRESH_THRESHOLD_SECONDS, "AXVAULT_REFRESH_THRESHOLD");
|
|
17
27
|
const refreshTimeoutMs = parseNonNegativeInt(overrides.refreshTimeoutMs ?? process.env.AXVAULT_REFRESH_TIMEOUT_MS, DEFAULT_REFRESH_TIMEOUT_MS, "AXVAULT_REFRESH_TIMEOUT_MS");
|
|
28
|
+
const logLevel = overrides.logLevel ?? process.env.AXVAULT_LOG_LEVEL ?? DEFAULT_LOG_LEVEL;
|
|
29
|
+
if (!VALID_LOG_LEVELS.includes(logLevel)) {
|
|
30
|
+
throw new Error(`Invalid log level: "${logLevel}". Must be one of: ${VALID_LOG_LEVELS.join(", ")}`);
|
|
31
|
+
}
|
|
18
32
|
return {
|
|
19
33
|
port,
|
|
20
34
|
host,
|
|
21
35
|
databasePath,
|
|
22
36
|
refreshThresholdSeconds,
|
|
23
37
|
refreshTimeoutMs,
|
|
38
|
+
logLevel,
|
|
24
39
|
};
|
|
25
40
|
}
|
|
26
41
|
function parsePort(value) {
|
package/dist/config.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"config.js","sourceRoot":"","sources":["../src/config.ts"],"names":[],"mappings":"AAAA;;;;GAIG;
|
|
1
|
+
{"version":3,"file":"config.js","sourceRoot":"","sources":["../src/config.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAoBH,MAAM,YAAY,GAAG,IAAI,CAAC;AAC1B,MAAM,YAAY,GAAG,WAAW,CAAC;AACjC,MAAM,qBAAqB,GAAG,mBAAmB,CAAC;AAClD,MAAM,iCAAiC,GAAG,IAAI,CAAC,CAAC,SAAS;AACzD,MAAM,0BAA0B,GAAG,MAAM,CAAC,CAAC,aAAa;AACxD,MAAM,iBAAiB,GAAG,MAAM,CAAC;AAEjC,MAAM,gBAAgB,GAAG;IACvB,OAAO;IACP,OAAO;IACP,MAAM;IACN,MAAM;IACN,OAAO;IACP,OAAO;IACP,QAAQ;CACA,CAAC;AAEX,sDAAsD;AACtD,MAAM,UAAU,eAAe,CAAC,YAA6B,EAAE;IAC7D,MAAM,IAAI,GAAG,SAAS,CAAC,SAAS,CAAC,IAAI,IAAI,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;IACnE,MAAM,IAAI,GAAG,SAAS,CAAC,IAAI,IAAI,OAAO,CAAC,GAAG,CAAC,YAAY,IAAI,YAAY,CAAC;IACxE,MAAM,YAAY,GAChB,SAAS,CAAC,MAAM,IAAI,OAAO,CAAC,GAAG,CAAC,eAAe,IAAI,qBAAqB,CAAC;IAE3E,MAAM,uBAAuB,GAAG,mBAAmB,CACjD,SAAS,CAAC,uBAAuB,IAAI,OAAO,CAAC,GAAG,CAAC,yBAAyB,EAC1E,iCAAiC,EACjC,2BAA2B,CAC5B,CAAC;IACF,MAAM,gBAAgB,GAAG,mBAAmB,CAC1C,SAAS,CAAC,gBAAgB,IAAI,OAAO,CAAC,GAAG,CAAC,0BAA0B,EACpE,0BAA0B,EAC1B,4BAA4B,CAC7B,CAAC;IAEF,MAAM,QAAQ,GACZ,SAAS,CAAC,QAAQ,IAAI,OAAO,CAAC,GAAG,CAAC,iBAAiB,IAAI,iBAAiB,CAAC;IAE3E,IAAI,CAAE,gBAAsC,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;QAChE,MAAM,IAAI,KAAK,CACb,uBAAuB,QAAQ,sBAAsB,gBAAgB,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CACnF,CAAC;IACJ,CAAC;IAED,OAAO;QACL,IAAI;QACJ,IAAI;QACJ,YAAY;QACZ,uBAAuB;QACvB,gBAAgB;QAChB,QAAQ;KACT,CAAC;AACJ,CAAC;AAED,SAAS,SAAS,CAAC,KAAyB;IAC1C,IAAI,CAAC,KAAK;QAAE,OAAO,YAAY,CAAC;IAChC,MAAM,IAAI,GAAG,MAAM,CAAC,QAAQ,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;IACxC,IAAI,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,IAAI,GAAG,CAAC,IAAI,IAAI,GAAG,MAAM,EAAE,CAAC;QACpD,MAAM,IAAI,KAAK,CAAC,iBAAiB,KAAK,EAAE,CAAC,CAAC;IAC5C,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED,SAAS,mBAAmB,CAC1B,KAAyB,EACzB,YAAoB,EACpB,IAAY;IAEZ,IAAI,CAAC,KAAK;QAAE,OAAO,YAAY,CAAC;IAChC,MAAM,MAAM,GAAG,MAAM,CAAC,QAAQ,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;IAC1C,IAAI,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,IAAI,MAAM,GAAG,CAAC,EAAE,CAAC;QACvC,OAAO,CAAC,IAAI,CACV,WAAW,IAAI,WAAW,KAAK,oBAAoB,YAAY,EAAE,CAClE,CAAC;QACF,OAAO,YAAY,CAAC;IACtB,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC"}
|
|
@@ -3,9 +3,12 @@
|
|
|
3
3
|
*
|
|
4
4
|
* Creates a new API key and returns the one-time secret.
|
|
5
5
|
*/
|
|
6
|
-
import type {
|
|
6
|
+
import type { FastifyReply, FastifyRequest } from "fastify";
|
|
7
7
|
import type Database from "better-sqlite3";
|
|
8
|
+
import type { CreateKeyBody } from "../schemas/api.js";
|
|
8
9
|
/** Create a new API key */
|
|
9
|
-
declare function createCreateKeyHandler(database: Database.Database):
|
|
10
|
+
declare function createCreateKeyHandler(database: Database.Database): (request: FastifyRequest<{
|
|
11
|
+
Body: CreateKeyBody;
|
|
12
|
+
}>, reply: FastifyReply) => void;
|
|
10
13
|
export { createCreateKeyHandler };
|
|
11
14
|
//# sourceMappingURL=create-key.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"create-key.d.ts","sourceRoot":"","sources":["../../src/handlers/create-key.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,SAAS,CAAC;
|
|
1
|
+
{"version":3,"file":"create-key.d.ts","sourceRoot":"","sources":["../../src/handlers/create-key.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,KAAK,EAAE,YAAY,EAAE,cAAc,EAAE,MAAM,SAAS,CAAC;AAC5D,OAAO,KAAK,QAAQ,MAAM,gBAAgB,CAAC;AAG3C,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,mBAAmB,CAAC;AAGvD,2BAA2B;AAC3B,iBAAS,sBAAsB,CAAC,QAAQ,EAAE,QAAQ,CAAC,QAAQ,IAEvD,SAAS,cAAc,CAAC;IAAE,IAAI,EAAE,aAAa,CAAA;CAAE,CAAC,EAChD,OAAO,YAAY,KAClB,IAAI,CAeR;AAED,OAAO,EAAE,sBAAsB,EAAE,CAAC"}
|
|
@@ -5,56 +5,17 @@
|
|
|
5
5
|
*/
|
|
6
6
|
import { createApiKey } from "../db/repositories/api-keys.js";
|
|
7
7
|
import { serializeKeyForResponse } from "./serialize-key.js";
|
|
8
|
-
/** Validate that the request body has valid access lists */
|
|
9
|
-
function isValidAccessLists(body) {
|
|
10
|
-
const { readAccess, writeAccess, grantAccess } = body;
|
|
11
|
-
if (!Array.isArray(readAccess) ||
|
|
12
|
-
!readAccess.every((v) => typeof v === "string"))
|
|
13
|
-
return false;
|
|
14
|
-
if (!Array.isArray(writeAccess) ||
|
|
15
|
-
!writeAccess.every((v) => typeof v === "string"))
|
|
16
|
-
return false;
|
|
17
|
-
if (!Array.isArray(grantAccess) ||
|
|
18
|
-
!grantAccess.every((v) => typeof v === "string"))
|
|
19
|
-
return false;
|
|
20
|
-
// At least one access list must be non-empty
|
|
21
|
-
if (readAccess.length === 0 &&
|
|
22
|
-
writeAccess.length === 0 &&
|
|
23
|
-
grantAccess.length === 0)
|
|
24
|
-
return false;
|
|
25
|
-
return true;
|
|
26
|
-
}
|
|
27
8
|
/** Create a new API key */
|
|
28
9
|
function createCreateKeyHandler(database) {
|
|
29
|
-
return (request,
|
|
30
|
-
const
|
|
31
|
-
if (typeof body !== "object" || body === null || Array.isArray(body)) {
|
|
32
|
-
response
|
|
33
|
-
.status(400)
|
|
34
|
-
.json({ error: "Request body must be a JSON object" });
|
|
35
|
-
return;
|
|
36
|
-
}
|
|
37
|
-
const record = body;
|
|
38
|
-
const { name } = record;
|
|
39
|
-
if (typeof name !== "string" || name.trim().length === 0) {
|
|
40
|
-
response
|
|
41
|
-
.status(400)
|
|
42
|
-
.json({ error: "name is required and must be a non-empty string" });
|
|
43
|
-
return;
|
|
44
|
-
}
|
|
45
|
-
if (!isValidAccessLists(record)) {
|
|
46
|
-
response.status(400).json({
|
|
47
|
-
error: "readAccess, writeAccess, and grantAccess must be string arrays; at least one must be non-empty",
|
|
48
|
-
});
|
|
49
|
-
return;
|
|
50
|
-
}
|
|
10
|
+
return (request, reply) => {
|
|
11
|
+
const { name, readAccess, writeAccess, grantAccess } = request.body;
|
|
51
12
|
const keyWithSecret = createApiKey(database, {
|
|
52
|
-
name
|
|
53
|
-
readAccess
|
|
54
|
-
writeAccess
|
|
55
|
-
grantAccess
|
|
13
|
+
name,
|
|
14
|
+
readAccess,
|
|
15
|
+
writeAccess,
|
|
16
|
+
grantAccess,
|
|
56
17
|
});
|
|
57
|
-
|
|
18
|
+
void reply.code(201).send({
|
|
58
19
|
...serializeKeyForResponse(keyWithSecret),
|
|
59
20
|
key: keyWithSecret.key,
|
|
60
21
|
});
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"create-key.js","sourceRoot":"","sources":["../../src/handlers/create-key.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAKH,OAAO,EAAE,YAAY,EAAE,MAAM,gCAAgC,CAAC;
|
|
1
|
+
{"version":3,"file":"create-key.js","sourceRoot":"","sources":["../../src/handlers/create-key.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAKH,OAAO,EAAE,YAAY,EAAE,MAAM,gCAAgC,CAAC;AAE9D,OAAO,EAAE,uBAAuB,EAAE,MAAM,oBAAoB,CAAC;AAE7D,2BAA2B;AAC3B,SAAS,sBAAsB,CAAC,QAA2B;IACzD,OAAO,CACL,OAAgD,EAChD,KAAmB,EACb,EAAE;QACR,MAAM,EAAE,IAAI,EAAE,UAAU,EAAE,WAAW,EAAE,WAAW,EAAE,GAAG,OAAO,CAAC,IAAI,CAAC;QAEpE,MAAM,aAAa,GAAG,YAAY,CAAC,QAAQ,EAAE;YAC3C,IAAI;YACJ,UAAU;YACV,WAAW;YACX,WAAW;SACZ,CAAC,CAAC;QAEH,KAAK,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;YACxB,GAAG,uBAAuB,CAAC,aAAa,CAAC;YACzC,GAAG,EAAE,aAAa,CAAC,GAAG;SACvB,CAAC,CAAC;IACL,CAAC,CAAC;AACJ,CAAC;AAED,OAAO,EAAE,sBAAsB,EAAE,CAAC"}
|
|
@@ -1,15 +1,15 @@
|
|
|
1
1
|
/**
|
|
2
2
|
* DELETE /api/v1/credentials/:name handler.
|
|
3
3
|
*/
|
|
4
|
-
import type {
|
|
4
|
+
import type { FastifyReply, FastifyRequest } from "fastify";
|
|
5
5
|
import type Database from "better-sqlite3";
|
|
6
|
-
/** Handler type for credential routes with name param */
|
|
7
|
-
type CredentialHandler = RequestHandler<{
|
|
8
|
-
name: string;
|
|
9
|
-
}, unknown, unknown, unknown>;
|
|
10
6
|
/**
|
|
11
7
|
* Remove a credential.
|
|
12
8
|
*/
|
|
13
|
-
declare function createDeleteCredentialHandler(database: Database.Database):
|
|
9
|
+
declare function createDeleteCredentialHandler(database: Database.Database): (request: FastifyRequest<{
|
|
10
|
+
Params: {
|
|
11
|
+
name: string;
|
|
12
|
+
};
|
|
13
|
+
}>, reply: FastifyReply) => void;
|
|
14
14
|
export { createDeleteCredentialHandler };
|
|
15
15
|
//# sourceMappingURL=delete-credential.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"delete-credential.d.ts","sourceRoot":"","sources":["../../src/handlers/delete-credential.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,SAAS,CAAC;
|
|
1
|
+
{"version":3,"file":"delete-credential.d.ts","sourceRoot":"","sources":["../../src/handlers/delete-credential.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,KAAK,EAAE,YAAY,EAAE,cAAc,EAAE,MAAM,SAAS,CAAC;AAC5D,OAAO,KAAK,QAAQ,MAAM,gBAAgB,CAAC;AAM3C;;GAEG;AACH,iBAAS,6BAA6B,CAAC,QAAQ,EAAE,QAAQ,CAAC,QAAQ,IAE9D,SAAS,cAAc,CAAC;IAAE,MAAM,EAAE;QAAE,IAAI,EAAE,MAAM,CAAA;KAAE,CAAA;CAAE,CAAC,EACrD,OAAO,YAAY,KAClB,IAAI,CAuCR;AAED,OAAO,EAAE,6BAA6B,EAAE,CAAC"}
|
|
@@ -8,10 +8,9 @@ import { logAccess } from "../db/repositories/audit-log.js";
|
|
|
8
8
|
* Remove a credential.
|
|
9
9
|
*/
|
|
10
10
|
function createDeleteCredentialHandler(database) {
|
|
11
|
-
return (request,
|
|
12
|
-
const authenticatedRequest = request;
|
|
11
|
+
return (request, reply) => {
|
|
13
12
|
const { name } = request.params;
|
|
14
|
-
const { apiKey } =
|
|
13
|
+
const { apiKey } = request;
|
|
15
14
|
if (!hasWriteAccess(apiKey, name)) {
|
|
16
15
|
logAccess(database, {
|
|
17
16
|
apiKeyId: apiKey.id,
|
|
@@ -20,7 +19,7 @@ function createDeleteCredentialHandler(database) {
|
|
|
20
19
|
success: false,
|
|
21
20
|
errorMessage: "Access denied",
|
|
22
21
|
});
|
|
23
|
-
|
|
22
|
+
void reply.code(403).send({ error: "Access denied" });
|
|
24
23
|
return;
|
|
25
24
|
}
|
|
26
25
|
const deleted = deleteCredential(database, name);
|
|
@@ -32,7 +31,7 @@ function createDeleteCredentialHandler(database) {
|
|
|
32
31
|
success: false,
|
|
33
32
|
errorMessage: "Not found",
|
|
34
33
|
});
|
|
35
|
-
|
|
34
|
+
void reply.code(404).send({ error: "Credential not found" });
|
|
36
35
|
return;
|
|
37
36
|
}
|
|
38
37
|
logAccess(database, {
|
|
@@ -41,7 +40,7 @@ function createDeleteCredentialHandler(database) {
|
|
|
41
40
|
credentialName: name,
|
|
42
41
|
success: true,
|
|
43
42
|
});
|
|
44
|
-
|
|
43
|
+
void reply.code(204).send();
|
|
45
44
|
};
|
|
46
45
|
}
|
|
47
46
|
export { createDeleteCredentialHandler };
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"delete-credential.js","sourceRoot":"","sources":["../../src/handlers/delete-credential.ts"],"names":[],"mappings":"AAAA;;GAEG;AAKH,OAAO,EAAE,cAAc,EAAE,MAAM,gCAAgC,CAAC;AAChE,OAAO,EAAE,gBAAgB,EAAE,MAAM,mCAAmC,CAAC;AACrE,OAAO,EAAE,SAAS,EAAE,MAAM,iCAAiC,CAAC;
|
|
1
|
+
{"version":3,"file":"delete-credential.js","sourceRoot":"","sources":["../../src/handlers/delete-credential.ts"],"names":[],"mappings":"AAAA;;GAEG;AAKH,OAAO,EAAE,cAAc,EAAE,MAAM,gCAAgC,CAAC;AAChE,OAAO,EAAE,gBAAgB,EAAE,MAAM,mCAAmC,CAAC;AACrE,OAAO,EAAE,SAAS,EAAE,MAAM,iCAAiC,CAAC;AAE5D;;GAEG;AACH,SAAS,6BAA6B,CAAC,QAA2B;IAChE,OAAO,CACL,OAAqD,EACrD,KAAmB,EACb,EAAE;QACR,MAAM,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC,MAAM,CAAC;QAChC,MAAM,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC;QAE3B,IAAI,CAAC,cAAc,CAAC,MAAM,EAAE,IAAI,CAAC,EAAE,CAAC;YAClC,SAAS,CAAC,QAAQ,EAAE;gBAClB,QAAQ,EAAE,MAAM,CAAC,EAAE;gBACnB,MAAM,EAAE,QAAQ;gBAChB,cAAc,EAAE,IAAI;gBACpB,OAAO,EAAE,KAAK;gBACd,YAAY,EAAE,eAAe;aAC9B,CAAC,CAAC;YACH,KAAK,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,eAAe,EAAE,CAAC,CAAC;YACtD,OAAO;QACT,CAAC;QAED,MAAM,OAAO,GAAG,gBAAgB,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC;QAEjD,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,SAAS,CAAC,QAAQ,EAAE;gBAClB,QAAQ,EAAE,MAAM,CAAC,EAAE;gBACnB,MAAM,EAAE,QAAQ;gBAChB,cAAc,EAAE,IAAI;gBACpB,OAAO,EAAE,KAAK;gBACd,YAAY,EAAE,WAAW;aAC1B,CAAC,CAAC;YACH,KAAK,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,sBAAsB,EAAE,CAAC,CAAC;YAC7D,OAAO;QACT,CAAC;QAED,SAAS,CAAC,QAAQ,EAAE;YAClB,QAAQ,EAAE,MAAM,CAAC,EAAE;YACnB,MAAM,EAAE,QAAQ;YAChB,cAAc,EAAE,IAAI;YACpB,OAAO,EAAE,IAAI;SACd,CAAC,CAAC;QAEH,KAAK,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC;IAC9B,CAAC,CAAC;AACJ,CAAC;AAED,OAAO,EAAE,6BAA6B,EAAE,CAAC"}
|
|
@@ -3,13 +3,13 @@
|
|
|
3
3
|
*
|
|
4
4
|
* Revokes an API key.
|
|
5
5
|
*/
|
|
6
|
-
import type {
|
|
6
|
+
import type { FastifyReply, FastifyRequest } from "fastify";
|
|
7
7
|
import type Database from "better-sqlite3";
|
|
8
|
-
/** Handler type for key routes with id param */
|
|
9
|
-
type KeyHandler = RequestHandler<{
|
|
10
|
-
id: string;
|
|
11
|
-
}, unknown, unknown, unknown>;
|
|
12
8
|
/** Revoke an API key */
|
|
13
|
-
declare function createDeleteKeyHandler(database: Database.Database):
|
|
9
|
+
declare function createDeleteKeyHandler(database: Database.Database): (request: FastifyRequest<{
|
|
10
|
+
Params: {
|
|
11
|
+
id: string;
|
|
12
|
+
};
|
|
13
|
+
}>, reply: FastifyReply) => void;
|
|
14
14
|
export { createDeleteKeyHandler };
|
|
15
15
|
//# sourceMappingURL=delete-key.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"delete-key.d.ts","sourceRoot":"","sources":["../../src/handlers/delete-key.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,SAAS,CAAC;
|
|
1
|
+
{"version":3,"file":"delete-key.d.ts","sourceRoot":"","sources":["../../src/handlers/delete-key.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,KAAK,EAAE,YAAY,EAAE,cAAc,EAAE,MAAM,SAAS,CAAC;AAC5D,OAAO,KAAK,QAAQ,MAAM,gBAAgB,CAAC;AAI3C,wBAAwB;AACxB,iBAAS,sBAAsB,CAAC,QAAQ,EAAE,QAAQ,CAAC,QAAQ,IAEvD,SAAS,cAAc,CAAC;IAAE,MAAM,EAAE;QAAE,EAAE,EAAE,MAAM,CAAA;KAAE,CAAA;CAAE,CAAC,EACnD,OAAO,YAAY,KAClB,IAAI,CAmBR;AAED,OAAO,EAAE,sBAAsB,EAAE,CAAC"}
|
|
@@ -6,20 +6,20 @@
|
|
|
6
6
|
import { deleteApiKey } from "../db/repositories/api-keys.js";
|
|
7
7
|
/** Revoke an API key */
|
|
8
8
|
function createDeleteKeyHandler(database) {
|
|
9
|
-
return (request,
|
|
9
|
+
return (request, reply) => {
|
|
10
10
|
const { apiKey } = request;
|
|
11
11
|
const { id } = request.params;
|
|
12
12
|
// Prevent self-deletion
|
|
13
13
|
if (apiKey.id === id) {
|
|
14
|
-
|
|
14
|
+
void reply.code(403).send({ error: "Cannot revoke your own API key" });
|
|
15
15
|
return;
|
|
16
16
|
}
|
|
17
17
|
const deleted = deleteApiKey(database, id);
|
|
18
18
|
if (!deleted) {
|
|
19
|
-
|
|
19
|
+
void reply.code(404).send({ error: "API key not found" });
|
|
20
20
|
return;
|
|
21
21
|
}
|
|
22
|
-
|
|
22
|
+
void reply.code(204).send();
|
|
23
23
|
};
|
|
24
24
|
}
|
|
25
25
|
export { createDeleteKeyHandler };
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"delete-key.js","sourceRoot":"","sources":["../../src/handlers/delete-key.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAKH,OAAO,EAAE,YAAY,EAAE,MAAM,gCAAgC,CAAC;
|
|
1
|
+
{"version":3,"file":"delete-key.js","sourceRoot":"","sources":["../../src/handlers/delete-key.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAKH,OAAO,EAAE,YAAY,EAAE,MAAM,gCAAgC,CAAC;AAE9D,wBAAwB;AACxB,SAAS,sBAAsB,CAAC,QAA2B;IACzD,OAAO,CACL,OAAmD,EACnD,KAAmB,EACb,EAAE;QACR,MAAM,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC;QAC3B,MAAM,EAAE,EAAE,EAAE,GAAG,OAAO,CAAC,MAAM,CAAC;QAE9B,wBAAwB;QACxB,IAAI,MAAM,CAAC,EAAE,KAAK,EAAE,EAAE,CAAC;YACrB,KAAK,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,gCAAgC,EAAE,CAAC,CAAC;YACvE,OAAO;QACT,CAAC;QAED,MAAM,OAAO,GAAG,YAAY,CAAC,QAAQ,EAAE,EAAE,CAAC,CAAC;QAE3C,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,KAAK,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,mBAAmB,EAAE,CAAC,CAAC;YAC1D,OAAO;QACT,CAAC;QAED,KAAK,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC;IAC9B,CAAC,CAAC;AACJ,CAAC;AAED,OAAO,EAAE,sBAAsB,EAAE,CAAC"}
|
|
@@ -5,7 +5,7 @@
|
|
|
5
5
|
* not inspect the blob's structure - all introspection (refresh checks, expiry
|
|
6
6
|
* detection) is delegated to axauth functions that accept opaque blobs.
|
|
7
7
|
*/
|
|
8
|
-
import type {
|
|
8
|
+
import type { FastifyReply, FastifyRequest } from "fastify";
|
|
9
9
|
import type Database from "better-sqlite3";
|
|
10
10
|
/** Handler configuration */
|
|
11
11
|
interface GetCredentialConfig {
|
|
@@ -17,9 +17,11 @@ interface GetCredentialConfig {
|
|
|
17
17
|
*
|
|
18
18
|
* Automatically refreshes credentials that are near expiration.
|
|
19
19
|
*/
|
|
20
|
-
declare function createGetCredentialHandler(database: Database.Database, config: GetCredentialConfig): (request:
|
|
21
|
-
|
|
22
|
-
|
|
20
|
+
declare function createGetCredentialHandler(database: Database.Database, config: GetCredentialConfig): (request: FastifyRequest<{
|
|
21
|
+
Params: {
|
|
22
|
+
name: string;
|
|
23
|
+
};
|
|
24
|
+
}>, reply: FastifyReply) => Promise<void>;
|
|
23
25
|
export { createGetCredentialHandler };
|
|
24
26
|
export type { GetCredentialConfig };
|
|
25
27
|
//# sourceMappingURL=get-credential.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"get-credential.d.ts","sourceRoot":"","sources":["../../src/handlers/get-credential.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,KAAK,EAAE,
|
|
1
|
+
{"version":3,"file":"get-credential.d.ts","sourceRoot":"","sources":["../../src/handlers/get-credential.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,KAAK,EAAE,YAAY,EAAE,cAAc,EAAE,MAAM,SAAS,CAAC;AAC5D,OAAO,KAAK,QAAQ,MAAM,gBAAgB,CAAC;AAQ3C,4BAA4B;AAC5B,UAAU,mBAAmB;IAC3B,uBAAuB,EAAE,MAAM,CAAC;IAChC,gBAAgB,EAAE,MAAM,CAAC;CAC1B;AAED;;;;GAIG;AACH,iBAAS,0BAA0B,CACjC,QAAQ,EAAE,QAAQ,CAAC,QAAQ,EAC3B,MAAM,EAAE,mBAAmB,IAGzB,SAAS,cAAc,CAAC;IAAE,MAAM,EAAE;QAAE,IAAI,EAAE,MAAM,CAAA;KAAE,CAAA;CAAE,CAAC,EACrD,OAAO,YAAY,KAClB,OAAO,CAAC,IAAI,CAAC,CAqGjB;AAED,OAAO,EAAE,0BAA0B,EAAE,CAAC;AACtC,YAAY,EAAE,mBAAmB,EAAE,CAAC"}
|
|
@@ -16,10 +16,9 @@ import { refreshCredentialOnRead } from "./refresh-credential-on-read.js";
|
|
|
16
16
|
* Automatically refreshes credentials that are near expiration.
|
|
17
17
|
*/
|
|
18
18
|
function createGetCredentialHandler(database, config) {
|
|
19
|
-
return async (request,
|
|
20
|
-
const authenticatedRequest = request;
|
|
19
|
+
return async (request, reply) => {
|
|
21
20
|
const { name } = request.params;
|
|
22
|
-
const { apiKey } =
|
|
21
|
+
const { apiKey } = request;
|
|
23
22
|
// Access control check
|
|
24
23
|
if (!hasReadAccess(apiKey, name)) {
|
|
25
24
|
logAccess(database, {
|
|
@@ -29,8 +28,7 @@ function createGetCredentialHandler(database, config) {
|
|
|
29
28
|
success: false,
|
|
30
29
|
errorMessage: "Access denied",
|
|
31
30
|
});
|
|
32
|
-
|
|
33
|
-
return;
|
|
31
|
+
return reply.code(403).send({ error: "Access denied" });
|
|
34
32
|
}
|
|
35
33
|
// Fetch credential from database
|
|
36
34
|
const credential = getCredential(database, name);
|
|
@@ -42,8 +40,7 @@ function createGetCredentialHandler(database, config) {
|
|
|
42
40
|
success: false,
|
|
43
41
|
errorMessage: "Not found",
|
|
44
42
|
});
|
|
45
|
-
|
|
46
|
-
return;
|
|
43
|
+
return reply.code(404).send({ error: "Credential not found" });
|
|
47
44
|
}
|
|
48
45
|
// Decrypt credential blob (opaque - we don't inspect its structure)
|
|
49
46
|
let blob;
|
|
@@ -59,8 +56,7 @@ function createGetCredentialHandler(database, config) {
|
|
|
59
56
|
success: false,
|
|
60
57
|
errorMessage: `Decryption failed: ${message}`,
|
|
61
58
|
});
|
|
62
|
-
|
|
63
|
-
return;
|
|
59
|
+
return reply.code(500).send({ error: "Failed to decrypt credential" });
|
|
64
60
|
}
|
|
65
61
|
const refreshResult = await refreshCredentialOnRead({
|
|
66
62
|
database,
|
|
@@ -72,10 +68,10 @@ function createGetCredentialHandler(database, config) {
|
|
|
72
68
|
expectedUpdatedAt: credential.updatedAt,
|
|
73
69
|
refreshThresholdSeconds: config.refreshThresholdSeconds,
|
|
74
70
|
refreshTimeoutMs: config.refreshTimeoutMs,
|
|
71
|
+
logger: request.log,
|
|
75
72
|
});
|
|
76
73
|
if (refreshResult.status === "not-found") {
|
|
77
|
-
|
|
78
|
-
return;
|
|
74
|
+
return reply.code(404).send({ error: "Credential not found" });
|
|
79
75
|
}
|
|
80
76
|
const finalBlob = refreshResult.blob;
|
|
81
77
|
const finalUpdatedAt = refreshResult.updatedAt;
|
|
@@ -90,14 +86,14 @@ function createGetCredentialHandler(database, config) {
|
|
|
90
86
|
});
|
|
91
87
|
// Set refresh header if token was refreshed
|
|
92
88
|
if (wasRefreshed) {
|
|
93
|
-
|
|
89
|
+
void reply.header("X-Axvault-Refreshed", "true");
|
|
94
90
|
}
|
|
95
91
|
// Set warning header if refresh failed (still return 200 with stale data)
|
|
96
92
|
if (refreshFailed) {
|
|
97
|
-
|
|
93
|
+
void reply.header("X-Axvault-Refresh-Failed", "true");
|
|
98
94
|
}
|
|
99
95
|
// Return the blob along with routing metadata from columns
|
|
100
|
-
|
|
96
|
+
return reply.send({
|
|
101
97
|
name,
|
|
102
98
|
...(credential.agent !== "" && { agent: credential.agent }),
|
|
103
99
|
...(credential.provider !== undefined && {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"get-credential.js","sourceRoot":"","sources":["../../src/handlers/get-credential.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAKH,OAAO,EAAE,aAAa,EAAE,MAAM,gCAAgC,CAAC;AAC/D,OAAO,EAAE,aAAa,EAAE,MAAM,mCAAmC,CAAC;AAClE,OAAO,EAAE,SAAS,EAAE,MAAM,iCAAiC,CAAC;AAC5D,OAAO,EAAE,iBAAiB,EAAE,MAAM,sBAAsB,CAAC;
|
|
1
|
+
{"version":3,"file":"get-credential.js","sourceRoot":"","sources":["../../src/handlers/get-credential.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAKH,OAAO,EAAE,aAAa,EAAE,MAAM,gCAAgC,CAAC;AAC/D,OAAO,EAAE,aAAa,EAAE,MAAM,mCAAmC,CAAC;AAClE,OAAO,EAAE,SAAS,EAAE,MAAM,iCAAiC,CAAC;AAC5D,OAAO,EAAE,iBAAiB,EAAE,MAAM,sBAAsB,CAAC;AACzD,OAAO,EAAE,uBAAuB,EAAE,MAAM,iCAAiC,CAAC;AAQ1E;;;;GAIG;AACH,SAAS,0BAA0B,CACjC,QAA2B,EAC3B,MAA2B;IAE3B,OAAO,KAAK,EACV,OAAqD,EACrD,KAAmB,EACJ,EAAE;QACjB,MAAM,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC,MAAM,CAAC;QAChC,MAAM,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC;QAE3B,uBAAuB;QACvB,IAAI,CAAC,aAAa,CAAC,MAAM,EAAE,IAAI,CAAC,EAAE,CAAC;YACjC,SAAS,CAAC,QAAQ,EAAE;gBAClB,QAAQ,EAAE,MAAM,CAAC,EAAE;gBACnB,MAAM,EAAE,MAAM;gBACd,cAAc,EAAE,IAAI;gBACpB,OAAO,EAAE,KAAK;gBACd,YAAY,EAAE,eAAe;aAC9B,CAAC,CAAC;YACH,OAAO,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,eAAe,EAAE,CAAC,CAAC;QAC1D,CAAC;QAED,iCAAiC;QACjC,MAAM,UAAU,GAAG,aAAa,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC;QAEjD,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,SAAS,CAAC,QAAQ,EAAE;gBAClB,QAAQ,EAAE,MAAM,CAAC,EAAE;gBACnB,MAAM,EAAE,MAAM;gBACd,cAAc,EAAE,IAAI;gBACpB,OAAO,EAAE,KAAK;gBACd,YAAY,EAAE,WAAW;aAC1B,CAAC,CAAC;YACH,OAAO,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,sBAAsB,EAAE,CAAC,CAAC;QACjE,CAAC;QAED,oEAAoE;QACpE,IAAI,IAAa,CAAC;QAClB,IAAI,CAAC;YACH,IAAI,GAAG,iBAAiB,CAAC,UAAU,CAAC,CAAC;QACvC,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,OAAO,GAAG,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;YACvE,SAAS,CAAC,QAAQ,EAAE;gBAClB,QAAQ,EAAE,MAAM,CAAC,EAAE;gBACnB,MAAM,EAAE,MAAM;gBACd,cAAc,EAAE,IAAI;gBACpB,OAAO,EAAE,KAAK;gBACd,YAAY,EAAE,sBAAsB,OAAO,EAAE;aAC9C,CAAC,CAAC;YACH,OAAO,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,8BAA8B,EAAE,CAAC,CAAC;QACzE,CAAC;QAED,MAAM,aAAa,GAAG,MAAM,uBAAuB,CAAC;YAClD,QAAQ;YACR,QAAQ,EAAE,MAAM,CAAC,EAAE;YACnB,IAAI;YACJ,IAAI;YACJ,KAAK,EAAE,UAAU,CAAC,KAAK;YACvB,QAAQ,EAAE,UAAU,CAAC,QAAQ;YAC7B,iBAAiB,EAAE,UAAU,CAAC,SAAS;YACvC,uBAAuB,EAAE,MAAM,CAAC,uBAAuB;YACvD,gBAAgB,EAAE,MAAM,CAAC,gBAAgB;YACzC,MAAM,EAAE,OAAO,CAAC,GAAG;SACpB,CAAC,CAAC;QAEH,IAAI,aAAa,CAAC,MAAM,KAAK,WAAW,EAAE,CAAC;YACzC,OAAO,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,sBAAsB,EAAE,CAAC,CAAC;QACjE,CAAC;QAED,MAAM,SAAS,GAAG,aAAa,CAAC,IAAI,CAAC;QACrC,MAAM,cAAc,GAAG,aAAa,CAAC,SAAS,CAAC;QAC/C,MAAM,YAAY,GAAG,aAAa,CAAC,YAAY,CAAC;QAChD,MAAM,aAAa,GAAG,aAAa,CAAC,aAAa,CAAC;QAElD,sBAAsB;QACtB,SAAS,CAAC,QAAQ,EAAE;YAClB,QAAQ,EAAE,MAAM,CAAC,EAAE;YACnB,MAAM,EAAE,MAAM;YACd,cAAc,EAAE,IAAI;YACpB,OAAO,EAAE,IAAI;SACd,CAAC,CAAC;QAEH,4CAA4C;QAC5C,IAAI,YAAY,EAAE,CAAC;YACjB,KAAK,KAAK,CAAC,MAAM,CAAC,qBAAqB,EAAE,MAAM,CAAC,CAAC;QACnD,CAAC;QAED,0EAA0E;QAC1E,IAAI,aAAa,EAAE,CAAC;YAClB,KAAK,KAAK,CAAC,MAAM,CAAC,0BAA0B,EAAE,MAAM,CAAC,CAAC;QACxD,CAAC;QAED,2DAA2D;QAC3D,OAAO,KAAK,CAAC,IAAI,CAAC;YAChB,IAAI;YACJ,GAAG,CAAC,UAAU,CAAC,KAAK,KAAK,EAAE,IAAI,EAAE,KAAK,EAAE,UAAU,CAAC,KAAK,EAAE,CAAC;YAC3D,GAAG,CAAC,UAAU,CAAC,QAAQ,KAAK,SAAS,IAAI;gBACvC,QAAQ,EAAE,UAAU,CAAC,QAAQ;aAC9B,CAAC;YACF,GAAG,CAAC,UAAU,CAAC,WAAW,KAAK,SAAS,IAAI;gBAC1C,WAAW,EAAE,UAAU,CAAC,WAAW;aACpC,CAAC;YACF,GAAG,CAAC,UAAU,CAAC,KAAK,KAAK,SAAS,IAAI,EAAE,KAAK,EAAE,UAAU,CAAC,KAAK,EAAE,CAAC;YAClE,UAAU,EAAE,SAAS;YACrB,SAAS,EAAE,cAAc,CAAC,WAAW,EAAE;SACxC,CAAC,CAAC;IACL,CAAC,CAAC;AACJ,CAAC;AAED,OAAO,EAAE,0BAA0B,EAAE,CAAC"}
|
|
@@ -3,13 +3,13 @@
|
|
|
3
3
|
*
|
|
4
4
|
* Returns a single API key by ID.
|
|
5
5
|
*/
|
|
6
|
-
import type {
|
|
6
|
+
import type { FastifyReply, FastifyRequest } from "fastify";
|
|
7
7
|
import type Database from "better-sqlite3";
|
|
8
|
-
/** Handler type for key routes with id param */
|
|
9
|
-
type KeyHandler = RequestHandler<{
|
|
10
|
-
id: string;
|
|
11
|
-
}, unknown, unknown, unknown>;
|
|
12
8
|
/** Get a single API key by ID */
|
|
13
|
-
declare function createGetKeyHandler(database: Database.Database):
|
|
9
|
+
declare function createGetKeyHandler(database: Database.Database): (request: FastifyRequest<{
|
|
10
|
+
Params: {
|
|
11
|
+
id: string;
|
|
12
|
+
};
|
|
13
|
+
}>, reply: FastifyReply) => void;
|
|
14
14
|
export { createGetKeyHandler };
|
|
15
15
|
//# sourceMappingURL=get-key.d.ts.map
|