This should prevent problem with the AuthToken purge on Sundays, as the service is either running on sunday or will be restarted there after.
Also move base64url comment to right function
Signed-off-by: Philip Molares <philip.molares@udo.edu>
This should prevent problem with the AuthToken purge on Sundays, as the service is either running on sunday or will be restarted there after.
Also move base64url comment to right function
Signed-off-by: Philip Molares <philip.molares@udo.edu>
This is a very high ceiling unlikely to hinder legitimate usage, but should prevent possible attack vectors
Signed-off-by: Philip Molares <philip.molares@udo.edu>
Add number type alias TimestampMillis
Remove solved ToDos
Change AuthToken and AuthTokenDto to use Date
Rename authService unit tests
Signed-off-by: Philip Molares <philip.molares@udo.edu>
adds auth service
adds auth module
adds token-auth strategy
adds token-auth to all public api calls
Signed-off-by: Philip Molares <philip.molares@udo.edu>
Since the auth token will be stored in hashed form in the db, we need to hash each provided auth token in order to search in the db for them.
Signed-off-by: Philip Molares <philip.molares@udo.edu>
adds private api
adds AuthTokenDto and AuthTokenWithSecretDto
adds necessary methods in the users service
adds RandomnessError
Signed-off-by: Philip Molares <philip.molares@udo.edu>
Since the auth token will be stored in hashed form in the db, we need to hash each provided auth token in order to search in the db for them.
Signed-off-by: Philip Molares <philip.molares@udo.edu>
adds private api
adds AuthTokenDto and AuthTokenWithSecretDto
adds necessary methods in the users service
adds RandomnessError
Signed-off-by: Philip Molares <philip.molares@udo.edu>
Add labels to most Joi objects
Convert all auth variable insert names to upper case to prevent inconsistent naming of the variables
Rewrite auth errors to correctly point out the problematic variable
Add tests for the config utils functions
Signed-off-by: Philip Molares <philip.molares@udo.edu>
As explained in https://github.com/nestjs/swagger/issues/32#issuecomment-716169471, it's possible to register swagger metadata in custom decorators by providing an array of `enhancers`.
We now add metadata with the `MarkdownBody` decorator: The request needs a `body` with content-type `text/markdown`.
Signed-off-by: David Mehren <git@herrmehren.de>
This commit adds proper error handling and returns 404 when a note does not exist.
Previously, we leaked the `NotInDBError` and sent a 500 status code.
Signed-off-by: David Mehren <git@herrmehren.de>