Merge pull request #9526 from nocodb/nc-refactor/api-token

Nc refactor/api token
2 months ago · 2157a60a87
10 changed files with 43 additions and 32 deletions
--- a/packages/nc-gui/components/account/Token.vue
+++ b/packages/nc-gui/components/account/Token.vue
@ -140,7 +140,8 @@ const isValidTokenName = ref(false)
 const deleteToken = async (token: string): Promise<void> => {
  try {
-    await api.orgTokens.delete(token)
+    const id = allTokens.value.find((t) => t.token === token)?.id
    await api.orgTokens.delete(id)
    // message.success(t('msg.success.tokenDeleted'))
    await loadTokens()
--- a/packages/nc-gui/components/tabs/auth/ApiTokenManagement.vue
+++ b/packages/nc-gui/components/tabs/auth/ApiTokenManagement.vue
@ -67,7 +67,7 @@ const deleteToken = async () => {
  try {
    if (!base.value?.id || !selectedTokenData.value.token) return
-    await $api.apiToken.delete(base.value.id, selectedTokenData.value.token)
+    await $api.apiToken.delete(base.value.id, selectedTokenData.value.id)
    // Token deleted successfully
    message.success(t('msg.success.tokenDeleted'))
--- a/packages/nocodb/src/controllers/api-tokens.controller.ts
+++ b/packages/nocodb/src/controllers/api-tokens.controller.ts
@ -47,13 +47,13 @@ export class ApiTokensController {
  }
  @Delete([
-    '/api/v1/db/meta/projects/:baseId/api-tokens/:token',
+    '/api/v1/db/meta/projects/:baseId/api-tokens/:tokenId',
-    '/api/v2/meta/bases/:baseId/api-tokens/:token',
+    '/api/v2/meta/bases/:baseId/api-tokens/:tokenId',
  ])
  @Acl('baseApiTokenDelete')
-  async apiTokenDelete(@Req() req: NcRequest, @Param('token') token: string) {
+  async apiTokenDelete(@Req() req: NcRequest, @Param('tokenId') tokenId: string) {
    return await this.apiTokensService.apiTokenDelete({
-      token,
+      tokenId,
      user: req['user'],
      req,
    });
--- a/packages/nocodb/src/controllers/org-tokens.controller.ts
+++ b/packages/nocodb/src/controllers/org-tokens.controller.ts
@ -55,15 +55,15 @@ export class OrgTokensController {
    });
  }
-  @Delete('/api/v1/tokens/:token')
+  @Delete('/api/v1/tokens/:tokenId')
  @Acl('apiTokenDelete', {
    scope: 'org',
    // allowedRoles: [OrgUserRoles.SUPER],
    blockApiTokenAccess: true,
  })
-  async apiTokenDelete(@Req() req: NcRequest, @Param('token') token: string) {
+  async apiTokenDelete(@Req() req: NcRequest, @Param('tokenId') tokenId: string) {
    await this.orgTokensService.apiTokenDelete({
-      token,
+      tokenId,
      user: req['user'],
      req,
    });
--- a/packages/nocodb/src/models/ApiToken.ts
+++ b/packages/nocodb/src/models/ApiToken.ts
@ -66,16 +66,17 @@ export default class ApiToken implements ApiTokenType {
    return tokens?.map((t) => new ApiToken(t));
  }
-  static async delete(token, ncMeta = Noco.ncMeta) {
+  static async delete(tokenId: string, ncMeta = Noco.ncMeta) {
    const tokenData = await this.get(tokenId, ncMeta);
    await NocoCache.deepDel(
-      `${CacheScope.API_TOKEN}:${token}`,
+      `${CacheScope.API_TOKEN}:${tokenData.id}`,
      CacheDelDirection.CHILD_TO_PARENT,
    );
    return await ncMeta.metaDelete(
      RootScopes.ROOT,
      RootScopes.ROOT,
      MetaTable.API_TOKENS,
-      { token },
+      tokenId,
    );
  }
@ -165,4 +166,13 @@ export default class ApiToken implements ApiTokenType {
    return queryBuilder;
  }
  static async get(tokenId: string, ncMeta = Noco.ncMeta) {
    return await ncMeta.metaGet(
      RootScopes.ROOT,
      RootScopes.ROOT,
      MetaTable.API_TOKENS,
      tokenId,
    );
  }
 }
--- a/packages/nocodb/src/schema/swagger-v2.json
+++ b/packages/nocodb/src/schema/swagger-v2.json
@ -11544,7 +11544,7 @@
        }
      ]
    },
-    "/api/v2/meta/bases/{baseId}/api-tokens/{token}": {
+    "/api/v2/meta/bases/{baseId}/api-tokens/{tokenId}": {
      "delete": {
        "summary": "Delete API Token",
        "operationId": "api-token-delete",
@ -11594,12 +11594,12 @@
        {
          "schema": {
            "type": "string",
-            "example": "DYh540o8hbWpUGdarekECKLdN5OhlgCUWutVJYX2"
+            "example": "DYh540o8hbWp"
          },
-          "name": "token",
+          "name": "tokenId",
          "in": "path",
          "required": true,
-          "description": "API Token"
+          "description": "API Token ID"
        }
      ]
    },
--- a/packages/nocodb/src/schema/swagger.json
+++ b/packages/nocodb/src/schema/swagger.json
@ -819,16 +819,16 @@
        "description": "Creat an organisation API token. Access with API tokens will be blocked."
      }
    },
-    "/api/v1/tokens/{token}": {
+    "/api/v1/tokens/{tokenId}": {
      "parameters": [
        {
          "schema": {
            "type": "string"
          },
-          "name": "token",
+          "name": "tokenId",
          "in": "path",
          "required": true,
-          "description": "API Token"
+          "description": "API Token ID"
        }
      ],
      "delete": {
@ -16429,7 +16429,7 @@
        }
      ]
    },
-    "/api/v1/db/meta/projects/{baseId}/api-tokens/{token}": {
+    "/api/v1/db/meta/projects/{baseId}/api-tokens/{tokenId}": {
      "delete": {
        "summary": "Delete API Token",
        "operationId": "api-token-delete",
@ -16479,12 +16479,12 @@
        {
          "schema": {
            "type": "string",
-            "example": "DYh540o8hbWpUGdarekECKLdN5OhlgCUWutVJYX2"
+            "example": "DYh540o8hbWpU"
          },
-          "name": "token",
+          "name": "tokenId",
          "in": "path",
          "required": true,
-          "description": "API Token"
+          "description": "API Token ID"
        }
      ]
    },
--- a/packages/nocodb/src/services/api-tokens.service.ts
+++ b/packages/nocodb/src/services/api-tokens.service.ts
@ -37,8 +37,8 @@ export class ApiTokensService {
    });
  }
-  async apiTokenDelete(param: { token; user: User; req: NcRequest }) {
+  async apiTokenDelete(param: { tokenId: string; user: User; req: NcRequest }) {
-    const apiToken = await ApiToken.getByToken(context, param.token);
+    const apiToken = await ApiToken.get(param.tokenId);
    if (
      !extractRolesObj(param.user.roles)[OrgUserRoles.SUPER_ADMIN] &&
      apiToken.fk_user_id !== param.user.id
@ -48,11 +48,11 @@ export class ApiTokensService {
    this.appHooksService.emit(AppEvents.API_TOKEN_DELETE, {
      userId: param.user?.id,
-      token: param.token,
+      tokenId: param.tokenId,
      req: param.req,
    });
    // todo: verify token belongs to the user
-    return await ApiToken.delete(context, param.token);
+    return await ApiToken.delete(param.tokenId);
  }
 }
--- a/packages/nocodb/src/services/app-hooks/interfaces.ts
+++ b/packages/nocodb/src/services/app-hooks/interfaces.ts
@ -176,7 +176,7 @@ export interface ApiTokenCreateEvent extends NcBaseEvent {
 export interface ApiTokenDeleteEvent extends NcBaseEvent {
  userId: string;
-  token: string;
+  tokenId: string;
 }
 export interface PluginTestEvent extends NcBaseEvent {
--- a/packages/nocodb/src/services/org-tokens.service.ts
+++ b/packages/nocodb/src/services/org-tokens.service.ts
@ -61,19 +61,19 @@ export class OrgTokensService {
    return apiToken;
  }
-  async apiTokenDelete(param: { user: User; token: string; req: NcRequest }) {
+  async apiTokenDelete(param: { user: User; tokenId: string; req: NcRequest }) {
    const fk_user_id = param.user.id;
-    const apiToken = await ApiToken.getByToken(param.token);
+    const apiToken = await ApiToken.get(param.tokenId);
    if (
      !extractRolesObj(param.user.roles)[OrgUserRoles.SUPER_ADMIN] &&
      apiToken.fk_user_id !== fk_user_id
    ) {
      NcError.notFound('Token not found');
    }
-    const res = await ApiToken.delete(param.token);
+    const res = await ApiToken.delete(param.tokenId);
    this.appHooksService.emit(AppEvents.ORG_API_TOKEN_DELETE, {
-      token: param.token,
+      tokenId: param.tokenId,
      userId: param.user?.id,
      req: param['req'],
    });