diff options
| author | Mohamed Bassem <me@mbassem.com> | 2025-09-14 16:31:08 +0000 |
|---|---|---|
| committer | Mohamed Bassem <me@mbassem.com> | 2025-09-14 16:31:08 +0000 |
| commit | 7671f4ff7ac5b106c3faa6b59a01f154cb34be99 (patch) | |
| tree | f9445fd05de16117a6f9fb6941a7f0f359d6618d /packages/trpc/routers | |
| parent | 69ef2ffe5e9216b0c0690221fc5679baabdc93ea (diff) | |
| download | karakeep-7671f4ff7ac5b106c3faa6b59a01f154cb34be99.tar.zst | |
feat: Regen api keys
Diffstat (limited to 'packages/trpc/routers')
| -rw-r--r-- | packages/trpc/routers/apiKeys.test.ts | 31 | ||||
| -rw-r--r-- | packages/trpc/routers/apiKeys.ts | 34 |
2 files changed, 64 insertions, 1 deletions
diff --git a/packages/trpc/routers/apiKeys.test.ts b/packages/trpc/routers/apiKeys.test.ts index b3e57db3..1fd2159a 100644 --- a/packages/trpc/routers/apiKeys.test.ts +++ b/packages/trpc/routers/apiKeys.test.ts @@ -141,6 +141,37 @@ describe("API Keys Routes", () => { ); }); }); + describe("regenerate", () => { + test<CustomTestContext>("revokes API key successfully", async ({ + unauthedAPICaller, + db, + }) => { + const user = await unauthedAPICaller.users.create({ + name: "Test User", + email: "test@test.com", + password: "password123", + confirmPassword: "password123", + }); + + const api = getApiCaller(db, user.id, user.email).apiKeys; + + const firstKey = await api.create({ name: "Test Key" }); + const regeneratedKey = await api.regenerate({ id: firstKey.id }); + + // Validate the new key + const validationResult = await unauthedAPICaller.apiKeys.validate({ + apiKey: regeneratedKey.key, + }); + expect(validationResult.success).toBe(true); + + // Validate the old key is revoked + await expect(() => + unauthedAPICaller.apiKeys.validate({ + apiKey: firstKey.key, + }), + ).rejects.toThrow(); + }); + }); describe("revoke", () => { test<CustomTestContext>("revokes API key successfully", async ({ diff --git a/packages/trpc/routers/apiKeys.ts b/packages/trpc/routers/apiKeys.ts index dc3a3527..93b7d9ec 100644 --- a/packages/trpc/routers/apiKeys.ts +++ b/packages/trpc/routers/apiKeys.ts @@ -5,7 +5,12 @@ import { z } from "zod"; import { apiKeys } from "@karakeep/db/schema"; import serverConfig from "@karakeep/shared/config"; -import { authenticateApiKey, generateApiKey, validatePassword } from "../auth"; +import { + authenticateApiKey, + generateApiKey, + regenerateApiKey, + validatePassword, +} from "../auth"; import { authedProcedure, createRateLimitMiddleware, @@ -31,6 +36,33 @@ export const apiKeysAppRouter = router({ .mutation(async ({ input, ctx }) => { return await generateApiKey(input.name, ctx.user.id, ctx.db); }), + regenerate: authedProcedure + .input( + z.object({ + id: z.string(), + }), + ) + .output(zApiKeySchema) + .mutation(async ({ input, ctx }) => { + // Find the existing API key to get its name + const existingKey = await ctx.db.query.apiKeys.findFirst({ + where: and(eq(apiKeys.id, input.id), eq(apiKeys.userId, ctx.user.id)), + }); + + if (!existingKey) { + throw new TRPCError({ + message: "API key not found", + code: "NOT_FOUND", + }); + } + + return { + id: existingKey.id, + name: existingKey.name, + createdAt: existingKey.createdAt, + key: await regenerateApiKey(existingKey.id, ctx.user.id, ctx.db), + }; + }), revoke: authedProcedure .input( z.object({ |