misskey/packages/backend/src/server/api/authenticate.ts

import isNativeToken from './common/is-native-token.js';
import { CacheableLocalUser, ILocalUser } from '@/models/entities/user.js';
import { Users, AccessTokens, Apps } from '@/models/index.js';
import { AccessToken } from '@/models/entities/access-token.js';
import { Cache } from '@/misc/cache.js';
import { App } from '@/models/entities/app.js';
import { localUserByIdCache, localUserByNativeTokenCache } from '@/services/user-cache.js';

const appCache = new Cache<App>(Infinity);

export class AuthenticationError extends Error {
	constructor(message: string) {
		super(message);
		this.name = 'AuthenticationError';
	}
}

export default async (token: string | null): Promise<[CacheableLocalUser | null | undefined, AccessToken | null | undefined]> => {
	if (token == null) {
		return [null, null];
	}

	if (isNativeToken(token)) {
		const user = await localUserByNativeTokenCache.fetch(token,
			() => Users.findOneBy({ token }) as Promise<ILocalUser | null>);

		if (user == null) {
			throw new AuthenticationError('user not found');
		}

		return [user, null];
	} else {
		const accessToken = await AccessTokens.findOne({
			where: [{
				hash: token.toLowerCase(), // app
			}, {
				token: token, // miauth
			}],
		});

		if (accessToken == null) {
			throw new AuthenticationError('invalid signature');
		}

		AccessTokens.update(accessToken.id, {
			lastUsedAt: new Date(),
		});

		const user = await localUserByIdCache.fetch(accessToken.userId,
			() => Users.findOneBy({
				id: accessToken.userId,
			}) as Promise<ILocalUser>);

		if (accessToken.appId) {
			const app = await appCache.fetch(accessToken.appId,
				() => Apps.findOneByOrFail({ id: accessToken.appId! }));

			return [user, {
				id: accessToken.id,
				permission: app.permission,
			} as AccessToken];
		} else {
			return [user, accessToken];
		}
	}
};
refactor: Use ESM (#8358) * wip * wip * fix * clean up * Update tsconfig.json * Update activitypub.ts * wip 2022-02-27 03:07:39 +01:00			`import isNativeToken from './common/is-native-token.js';`
perf(server): refactor and performance improvements 2022-03-25 08:27:41 +01:00			`import { CacheableLocalUser, ILocalUser } from '@/models/entities/user.js';`
refactor: Use ESM (#8358) * wip * wip * fix * clean up * Update tsconfig.json * Update activitypub.ts * wip 2022-02-27 03:07:39 +01:00			`import { Users, AccessTokens, Apps } from '@/models/index.js';`
			`import { AccessToken } from '@/models/entities/access-token.js';`
perf(server): refactor and performance improvements 2022-03-25 08:27:41 +01:00			`import { Cache } from '@/misc/cache.js';`
			`import { App } from '@/models/entities/app.js';`
			`import { localUserByIdCache, localUserByNativeTokenCache } from '@/services/user-cache.js';`

			`const appCache = new Cache<App>(Infinity);`
Improve API performance 2021-03-18 02:19:30 +01:00
API AuthenticateでDB接続エラーなどが発生するとログアウトさせられてしまうのを修正 Fix #7603 (#7604) 2021-07-17 17:53:16 +02:00			`export class AuthenticationError extends Error {`
			`constructor(message: string) {`
			`super(message);`
			`this.name = 'AuthenticationError';`
			`}`
			`}`

perf(server): refactor and performance improvements 2022-03-25 08:27:41 +01:00			`export default async (token: string \| null): Promise<[CacheableLocalUser \| null \| undefined, AccessToken \| null \| undefined]> => {`
アクセストークンは i に統一トークンの先頭に ! がプリフィックスされているかどうかでユーザー固有のトークンかどうか判別する 2017-01-05 17:28:16 +01:00			`if (token == null) {`
Refactoring 2019-01-23 11:25:36 +01:00			`return [null, null];`
アクセストークンは i に統一トークンの先頭に ! がプリフィックスされているかどうかでユーザー固有のトークンかどうか判別する 2017-01-05 17:28:16 +01:00			`}`

Refactor: Extract isNativeToken method 2017-01-06 03:07:42 +01:00			`if (isNativeToken(token)) {`
perf(server): refactor and performance improvements 2022-03-25 08:27:41 +01:00			`const user = await localUserByNativeTokenCache.fetch(token,`
refactor: migrate to typeorm 3.0 (#8443) * wip * wip * wip * Update following.ts * wip * wip * wip * Update resolve-user.ts * maxQueryExecutionTime * wip * wip 2022-03-26 07:34:00 +01:00			`() => Users.findOneBy({ token }) as Promise<ILocalUser \| null>);`
Initial commit :four_leaf_clover: 2016-12-28 23:49:51 +01:00
Use PostgreSQL instead of MongoDB (#4572) * wip * Update note.ts * Update timeline.ts * Update core.ts * wip * Update generate-visibility-query.ts * wip * wip * wip * wip * wip * Update global-timeline.ts * wip * wip * wip * Update vote.ts * wip * wip * Update create.ts * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * Update files.ts * wip * wip * Update CONTRIBUTING.md * wip * wip * wip * wip * wip * wip * wip * wip * Update read-notification.ts * wip * wip * wip * wip * wip * wip * wip * Update cancel.ts * wip * wip * wip * Update show.ts * wip * wip * Update gen-id.ts * Update create.ts * Update id.ts * wip * wip * wip * wip * wip * wip * wip * Docker: Update files about Docker (#4599) * Docker: Use cache if files used by `yarn install` was not updated This patch reduces the number of times to installing node_modules. For example, `yarn install` step will be skipped when only ".config/default.yml" is updated. * Docker: Migrate MongoDB to Postgresql Misskey uses Postgresql as a database instead of Mongodb since version 11. * Docker: Uncomment about data persistence This patch will save a lot of databases. * wip * wip * wip * Update activitypub.ts * wip * wip * wip * Update logs.ts * wip * Update drive-file.ts * Update register.ts * wip * wip * Update mentions.ts * wip * wip * wip * Update recommendation.ts * wip * Update index.ts * wip * Update recommendation.ts * Doc: Update docker.ja.md and docker.en.md (#1) (#4608) Update how to set up misskey. * wip * :v: * wip * Update note.ts * Update postgre.ts * wip * wip * wip * wip * Update add-file.ts * wip * wip * wip * Clean up * Update logs.ts * wip * :pizza: * wip * Ad notes * wip * Update api-visibility.ts * Update note.ts * Update add-file.ts * tests * tests * Update postgre.ts * Update utils.ts * wip * wip * Refactor * wip * Refactor * wip * wip * Update show-users.ts * Update update-instance.ts * wip * Update feed.ts * Update outbox.ts * Update outbox.ts * Update user.ts * wip * Update list.ts * Update update-hashtag.ts * wip * Update update-hashtag.ts * Refactor * Update update.ts * wip * wip * :v: * clean up * docs * Update push.ts * wip * Update api.ts * wip * :v: * Update make-pagination-query.ts * :v: * Delete hashtags.ts * Update instances.ts * Update instances.ts * Update create.ts * Update search.ts * Update reversi-game.ts * Update signup.ts * Update user.ts * id * Update example.yml * :art: * objectid * fix * reversi * reversi * Fix bug of chart engine * Add test of chart engine * Improve test * Better testing * Improve chart engine * Refactor * Add test of chart engine * Refactor * Add chart test * Fix bug * コミットし忘れ * Refactoring * :v: * Add tests * Add test * Extarct note tests * Refactor * 存在しないユーザーにメンションできなくなっていた問題を修正 * Fix bug * Update update-meta.ts * Fix bug * Update mention.vue * Fix bug * Update meta.ts * Update CONTRIBUTING.md * Fix bug * Fix bug * Fix bug * Clean up * Clean up * Update notification.ts * Clean up * Add mute tests * Add test * Refactor * Add test * Fix test * Refactor * Refactor * Add tests * Update utils.ts * Update utils.ts * Fix test * Update package.json * Update update.ts * Update manifest.ts * Fix bug * Fix bug * Add test * :art: * Update endpoint permissions * Updaye permisison * Update person.ts #4299 * データベースと同期しないように * Fix bug * Fix bug * Update reversi-game.ts * Use a feature of Node v11.7.0 to extract a public key (#4644) * wip * wip * :v: * Refactoring #1540 * test * test * test * test * test * test * test * Fix bug * Fix test * :sushi: * wip * #4471 * Add test for #4335 * Refactor * Fix test * Add tests * :clock4: * Fix bug * Add test * Add test * rename * Fix bug 2019-04-07 14:50:36 +02:00			`if (user == null) {`
API AuthenticateでDB接続エラーなどが発生するとログアウトさせられてしまうのを修正 Fix #7603 (#7604) 2021-07-17 17:53:16 +02:00			`throw new AuthenticationError('user not found');`
Initial commit :four_leaf_clover: 2016-12-28 23:49:51 +01:00			`}`

Refactoring 2019-01-23 11:25:36 +01:00			`return [user, null];`
アクセストークンは i に統一トークンの先頭に ! がプリフィックスされているかどうかでユーザー固有のトークンかどうか判別する 2017-01-05 17:28:16 +01:00			`} else {`
Use PostgreSQL instead of MongoDB (#4572) * wip * Update note.ts * Update timeline.ts * Update core.ts * wip * Update generate-visibility-query.ts * wip * wip * wip * wip * wip * Update global-timeline.ts * wip * wip * wip * Update vote.ts * wip * wip * Update create.ts * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * Update files.ts * wip * wip * Update CONTRIBUTING.md * wip * wip * wip * wip * wip * wip * wip * wip * Update read-notification.ts * wip * wip * wip * wip * wip * wip * wip * Update cancel.ts * wip * wip * wip * Update show.ts * wip * wip * Update gen-id.ts * Update create.ts * Update id.ts * wip * wip * wip * wip * wip * wip * wip * Docker: Update files about Docker (#4599) * Docker: Use cache if files used by `yarn install` was not updated This patch reduces the number of times to installing node_modules. For example, `yarn install` step will be skipped when only ".config/default.yml" is updated. * Docker: Migrate MongoDB to Postgresql Misskey uses Postgresql as a database instead of Mongodb since version 11. * Docker: Uncomment about data persistence This patch will save a lot of databases. * wip * wip * wip * Update activitypub.ts * wip * wip * wip * Update logs.ts * wip * Update drive-file.ts * Update register.ts * wip * wip * Update mentions.ts * wip * wip * wip * Update recommendation.ts * wip * Update index.ts * wip * Update recommendation.ts * Doc: Update docker.ja.md and docker.en.md (#1) (#4608) Update how to set up misskey. * wip * :v: * wip * Update note.ts * Update postgre.ts * wip * wip * wip * wip * Update add-file.ts * wip * wip * wip * Clean up * Update logs.ts * wip * :pizza: * wip * Ad notes * wip * Update api-visibility.ts * Update note.ts * Update add-file.ts * tests * tests * Update postgre.ts * Update utils.ts * wip * wip * Refactor * wip * Refactor * wip * wip * Update show-users.ts * Update update-instance.ts * wip * Update feed.ts * Update outbox.ts * Update outbox.ts * Update user.ts * wip * Update list.ts * Update update-hashtag.ts * wip * Update update-hashtag.ts * Refactor * Update update.ts * wip * wip * :v: * clean up * docs * Update push.ts * wip * Update api.ts * wip * :v: * Update make-pagination-query.ts * :v: * Delete hashtags.ts * Update instances.ts * Update instances.ts * Update create.ts * Update search.ts * Update reversi-game.ts * Update signup.ts * Update user.ts * id * Update example.yml * :art: * objectid * fix * reversi * reversi * Fix bug of chart engine * Add test of chart engine * Improve test * Better testing * Improve chart engine * Refactor * Add test of chart engine * Refactor * Add chart test * Fix bug * コミットし忘れ * Refactoring * :v: * Add tests * Add test * Extarct note tests * Refactor * 存在しないユーザーにメンションできなくなっていた問題を修正 * Fix bug * Update update-meta.ts * Fix bug * Update mention.vue * Fix bug * Update meta.ts * Update CONTRIBUTING.md * Fix bug * Fix bug * Fix bug * Clean up * Clean up * Update notification.ts * Clean up * Add mute tests * Add test * Refactor * Add test * Fix test * Refactor * Refactor * Add tests * Update utils.ts * Update utils.ts * Fix test * Update package.json * Update update.ts * Update manifest.ts * Fix bug * Fix bug * Add test * :art: * Update endpoint permissions * Updaye permisison * Update person.ts #4299 * データベースと同期しないように * Fix bug * Fix bug * Update reversi-game.ts * Use a feature of Node v11.7.0 to extract a public key (#4644) * wip * wip * :v: * Refactoring #1540 * test * test * test * test * test * test * test * Fix bug * Fix test * :sushi: * wip * #4471 * Add test for #4335 * Refactor * Fix test * Add tests * :clock4: * Fix bug * Add test * Add test * rename * Fix bug 2019-04-07 14:50:36 +02:00			`const accessToken = await AccessTokens.findOne({`
fix(api): Fix #6419 Close #6434 2020-06-03 06:19:07 +02:00			`where: [{`
fix lint 2021-12-09 15:58:30 +01:00			`hash: token.toLowerCase(), // app`
fix(api): Fix #6419 Close #6434 2020-06-03 06:19:07 +02:00			`}, {`
fix lint 2021-12-09 15:58:30 +01:00			`token: token, // miauth`
fix(api): Fix #6419 Close #6434 2020-06-03 06:19:07 +02:00			`}],`
Initial commit :four_leaf_clover: 2016-12-28 23:49:51 +01:00			`});`

Use PostgreSQL instead of MongoDB (#4572) * wip * Update note.ts * Update timeline.ts * Update core.ts * wip * Update generate-visibility-query.ts * wip * wip * wip * wip * wip * Update global-timeline.ts * wip * wip * wip * Update vote.ts * wip * wip * Update create.ts * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * Update files.ts * wip * wip * Update CONTRIBUTING.md * wip * wip * wip * wip * wip * wip * wip * wip * Update read-notification.ts * wip * wip * wip * wip * wip * wip * wip * Update cancel.ts * wip * wip * wip * Update show.ts * wip * wip * Update gen-id.ts * Update create.ts * Update id.ts * wip * wip * wip * wip * wip * wip * wip * Docker: Update files about Docker (#4599) * Docker: Use cache if files used by `yarn install` was not updated This patch reduces the number of times to installing node_modules. For example, `yarn install` step will be skipped when only ".config/default.yml" is updated. * Docker: Migrate MongoDB to Postgresql Misskey uses Postgresql as a database instead of Mongodb since version 11. * Docker: Uncomment about data persistence This patch will save a lot of databases. * wip * wip * wip * Update activitypub.ts * wip * wip * wip * Update logs.ts * wip * Update drive-file.ts * Update register.ts * wip * wip * Update mentions.ts * wip * wip * wip * Update recommendation.ts * wip * Update index.ts * wip * Update recommendation.ts * Doc: Update docker.ja.md and docker.en.md (#1) (#4608) Update how to set up misskey. * wip * :v: * wip * Update note.ts * Update postgre.ts * wip * wip * wip * wip * Update add-file.ts * wip * wip * wip * Clean up * Update logs.ts * wip * :pizza: * wip * Ad notes * wip * Update api-visibility.ts * Update note.ts * Update add-file.ts * tests * tests * Update postgre.ts * Update utils.ts * wip * wip * Refactor * wip * Refactor * wip * wip * Update show-users.ts * Update update-instance.ts * wip * Update feed.ts * Update outbox.ts * Update outbox.ts * Update user.ts * wip * Update list.ts * Update update-hashtag.ts * wip * Update update-hashtag.ts * Refactor * Update update.ts * wip * wip * :v: * clean up * docs * Update push.ts * wip * Update api.ts * wip * :v: * Update make-pagination-query.ts * :v: * Delete hashtags.ts * Update instances.ts * Update instances.ts * Update create.ts * Update search.ts * Update reversi-game.ts * Update signup.ts * Update user.ts * id * Update example.yml * :art: * objectid * fix * reversi * reversi * Fix bug of chart engine * Add test of chart engine * Improve test * Better testing * Improve chart engine * Refactor * Add test of chart engine * Refactor * Add chart test * Fix bug * コミットし忘れ * Refactoring * :v: * Add tests * Add test * Extarct note tests * Refactor * 存在しないユーザーにメンションできなくなっていた問題を修正 * Fix bug * Update update-meta.ts * Fix bug * Update mention.vue * Fix bug * Update meta.ts * Update CONTRIBUTING.md * Fix bug * Fix bug * Fix bug * Clean up * Clean up * Update notification.ts * Clean up * Add mute tests * Add test * Refactor * Add test * Fix test * Refactor * Refactor * Add tests * Update utils.ts * Update utils.ts * Fix test * Update package.json * Update update.ts * Update manifest.ts * Fix bug * Fix bug * Add test * :art: * Update endpoint permissions * Updaye permisison * Update person.ts #4299 * データベースと同期しないように * Fix bug * Fix bug * Update reversi-game.ts * Use a feature of Node v11.7.0 to extract a public key (#4644) * wip * wip * :v: * Refactoring #1540 * test * test * test * test * test * test * test * Fix bug * Fix test * :sushi: * wip * #4471 * Add test for #4335 * Refactor * Fix test * Add tests * :clock4: * Fix bug * Add test * Add test * rename * Fix bug 2019-04-07 14:50:36 +02:00			`if (accessToken == null) {`
API AuthenticateでDB接続エラーなどが発生するとログアウトさせられてしまうのを修正 Fix #7603 (#7604) 2021-07-17 17:53:16 +02:00			`throw new AuthenticationError('invalid signature');`
Initial commit :four_leaf_clover: 2016-12-28 23:49:51 +01:00			`}`

Implement MiAuth 2020-03-28 03:24:37 +01:00			`AccessTokens.update(accessToken.id, {`
			`lastUsedAt: new Date(),`
			`});`
Initial commit :four_leaf_clover: 2016-12-28 23:49:51 +01:00
perf(server): refactor and performance improvements 2022-03-25 08:27:41 +01:00			`const user = await localUserByIdCache.fetch(accessToken.userId,`
refactor: migrate to typeorm 3.0 (#8443) * wip * wip * wip * Update following.ts * wip * wip * wip * Update resolve-user.ts * maxQueryExecutionTime * wip * wip 2022-03-26 07:34:00 +01:00			`() => Users.findOneBy({`
			`id: accessToken.userId,`
perf(server): refactor and performance improvements 2022-03-25 08:27:41 +01:00			`}) as Promise<ILocalUser>);`
Initial commit :four_leaf_clover: 2016-12-28 23:49:51 +01:00
Implement MiAuth 2020-03-28 03:24:37 +01:00			`if (accessToken.appId) {`
perf(server): refactor and performance improvements 2022-03-25 08:27:41 +01:00			`const app = await appCache.fetch(accessToken.appId,`
refactor: migrate to typeorm 3.0 (#8443) * wip * wip * wip * Update following.ts * wip * wip * wip * Update resolve-user.ts * maxQueryExecutionTime * wip * wip 2022-03-26 07:34:00 +01:00			`() => Apps.findOneByOrFail({ id: accessToken.appId! }));`
Implement MiAuth 2020-03-28 03:24:37 +01:00
			`return [user, {`
Resolve #6192 2020-03-28 10:07:41 +01:00			`id: accessToken.id,`
fix lint 2021-12-09 15:58:30 +01:00			`permission: app.permission,`
Resolve #6192 2020-03-28 10:07:41 +01:00			`} as AccessToken];`
Implement MiAuth 2020-03-28 03:24:37 +01:00			`} else {`
Resolve #6192 2020-03-28 10:07:41 +01:00			`return [user, accessToken];`
Implement MiAuth 2020-03-28 03:24:37 +01:00			`}`
Initial commit :four_leaf_clover: 2016-12-28 23:49:51 +01:00			`}`
Refactoring 2019-01-23 11:25:36 +01:00			`};`