137 lines
3.7 KiB
TypeScript
137 lines
3.7 KiB
TypeScript
import express from 'express';
|
|
import { ApiKeyService } from '../../services/ApiKeyService';
|
|
import { validateApiKey } from '../../middleware/auth/validateApiKey';
|
|
import { requireMasterKey } from '../../middleware/auth/requireMasterKey';
|
|
|
|
const router = express.Router();
|
|
const apiKeyService = new ApiKeyService();
|
|
|
|
// All admin routes require master key
|
|
router.use(validateApiKey);
|
|
router.use(requireMasterKey);
|
|
|
|
/**
|
|
* Create a new API key
|
|
* POST /api/admin/keys
|
|
*/
|
|
router.post('/', async (req, res) => {
|
|
try {
|
|
const { type, projectId, name, expiresInDays } = req.body;
|
|
|
|
// Validation
|
|
if (!type || !['master', 'project'].includes(type)) {
|
|
return res.status(400).json({
|
|
error: 'Invalid type',
|
|
message: 'Type must be either "master" or "project"',
|
|
});
|
|
}
|
|
|
|
if (type === 'project' && !projectId) {
|
|
return res.status(400).json({
|
|
error: 'Missing projectId',
|
|
message: 'Project keys require a projectId',
|
|
});
|
|
}
|
|
|
|
// Create key
|
|
const result = type === 'master'
|
|
? await apiKeyService.createMasterKey(name, req.apiKey!.id)
|
|
: await apiKeyService.createProjectKey(
|
|
projectId,
|
|
name,
|
|
req.apiKey!.id,
|
|
expiresInDays || 90
|
|
);
|
|
|
|
console.log(`[${new Date().toISOString()}] New API key created by admin: ${result.metadata.id} (${result.metadata.keyType}) - by: ${req.apiKey!.id}`);
|
|
|
|
res.status(201).json({
|
|
apiKey: result.key,
|
|
metadata: {
|
|
id: result.metadata.id,
|
|
type: result.metadata.keyType,
|
|
projectId: result.metadata.projectId,
|
|
name: result.metadata.name,
|
|
expiresAt: result.metadata.expiresAt,
|
|
scopes: result.metadata.scopes,
|
|
createdAt: result.metadata.createdAt,
|
|
},
|
|
message: 'IMPORTANT: Save this key securely. You will not see it again!',
|
|
});
|
|
} catch (error) {
|
|
console.error(`[${new Date().toISOString()}] Error creating API key:`, error);
|
|
res.status(500).json({
|
|
error: 'Failed to create API key',
|
|
message: 'An error occurred while creating the key',
|
|
});
|
|
}
|
|
});
|
|
|
|
/**
|
|
* List all API keys
|
|
* GET /api/admin/keys
|
|
*/
|
|
router.get('/', async (req, res) => {
|
|
try {
|
|
const keys = await apiKeyService.listKeys();
|
|
|
|
// Don't expose key hashes
|
|
const safeKeys = keys.map(key => ({
|
|
id: key.id,
|
|
type: key.keyType,
|
|
projectId: key.projectId,
|
|
name: key.name,
|
|
scopes: key.scopes,
|
|
isActive: key.isActive,
|
|
createdAt: key.createdAt,
|
|
expiresAt: key.expiresAt,
|
|
lastUsedAt: key.lastUsedAt,
|
|
createdBy: key.createdBy,
|
|
}));
|
|
|
|
res.json({
|
|
keys: safeKeys,
|
|
total: safeKeys.length,
|
|
});
|
|
} catch (error) {
|
|
console.error(`[${new Date().toISOString()}] Error listing API keys:`, error);
|
|
res.status(500).json({
|
|
error: 'Failed to list keys',
|
|
message: 'An error occurred while fetching keys',
|
|
});
|
|
}
|
|
});
|
|
|
|
/**
|
|
* Revoke an API key
|
|
* DELETE /api/admin/keys/:keyId
|
|
*/
|
|
router.delete('/:keyId', async (req, res) => {
|
|
try {
|
|
const { keyId } = req.params;
|
|
|
|
const success = await apiKeyService.revokeKey(keyId);
|
|
|
|
if (!success) {
|
|
return res.status(404).json({
|
|
error: 'Key not found',
|
|
message: 'The specified API key does not exist',
|
|
});
|
|
}
|
|
|
|
console.log(`[${new Date().toISOString()}] API key revoked: ${keyId} - by: ${req.apiKey!.id}`);
|
|
|
|
res.json({
|
|
message: 'API key revoked successfully',
|
|
keyId,
|
|
});
|
|
} catch (error) {
|
|
console.error(`[${new Date().toISOString()}] Error revoking API key:`, error);
|
|
res.status(500).json({
|
|
error: 'Failed to revoke key',
|
|
message: 'An error occurred while revoking the key',
|
|
});
|
|
}
|
|
});
|
|
|
|
export default router; |