feat(user): ✨ Revokable API tokens

2022-06-03 13:20:19 +02:00
parent e5d7f1d1ce
commit a0929c492b
20 changed files with 472 additions and 43 deletions
--- a/apps/builder/pages/api/users/[userId]/api-tokens/[tokenId].ts
+++ b/apps/builder/pages/api/users/[userId]/api-tokens/[tokenId].ts
@ -0,0 +1,21 @@
+import { withSentry } from '@sentry/nextjs'
+import prisma from 'libs/prisma'
+import { NextApiRequest, NextApiResponse } from 'next'
+import { getAuthenticatedUser } from 'services/api/utils'
+import { methodNotAllowed, notAuthenticated } from 'utils'
+
+const handler = async (req: NextApiRequest, res: NextApiResponse) => {
+  const user = await getAuthenticatedUser(req)
+  if (!user) return notAuthenticated(res)
+
+  if (req.method === 'DELETE') {
+    const id = req.query.tokenId.toString()
+    const apiToken = await prisma.apiToken.delete({
+      where: { id },
+    })
+    return res.send({ apiToken })
+  }
+  methodNotAllowed(res)
+}
+
+export default withSentry(handler)