serve.zone/dcrouter
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(api-tokens): add ability to roll (regenerate) API token secrets and UI to display the newly generated token once

Browse Source
This commit is contained in:
Jürgen Kunz
2026-02-27 10:24:20 +00:00
parent 56f41d70b3
commit dee6897931
8 changed files with 144 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
ts/config/classes.api-token-manager.ts
View File

@@ -122,6 +122,24 @@ export class ApiTokenManager {
return true;
}
/**
* Roll (regenerate) a token's secret while keeping its identity.
* Returns the new raw token value (shown once).
*/
public async rollToken(id: string): Promise<{ id: string; rawToken: string } | null> {
const stored = this.tokens.get(id);
if (!stored) return null;
const randomBytes = plugins.crypto.randomBytes(32);
const rawPayload = `${id}:${randomBytes.toString('base64url')}`;
const rawToken = `${TOKEN_PREFIX_STR}${rawPayload}`;
stored.tokenHash = plugins.crypto.createHash('sha256').update(rawToken).digest('hex');
await this.persistToken(stored);
logger.log('info', `API token '${stored.name}' rolled (id: ${id})`);
return { id, rawToken };
}
/**
* Enable or disable a token.
*/