remove api-token

apps/app/src/interfaces/activity.ts

@@ -24,7 +24,8 @@ const ACTION_USER_IMAGE_TYPE_UPDATE = 'USER_IMAGE_TYPE_UPDATE';
 const ACTION_USER_LDAP_ACCOUNT_ASSOCIATE = 'USER_LDAP_ACCOUNT_ASSOCIATE';
 const ACTION_USER_LDAP_ACCOUNT_DISCONNECT = 'USER_LDAP_ACCOUNT_DISCONNECT';
 const ACTION_USER_PASSWORD_UPDATE = 'USER_PASSWORD_UPDATE';
-const ACTION_USER_API_TOKEN_UPDATE = 'USER_API_TOKEN_UPDATE';
+const ACTION_USER_ACCESS_TOKEN_CREATE = 'USER_ACCESS_TOKEN_CREATE';
+const ACTION_USER_ACCESS_TOKEN_DELETE = 'USER_ACCESS_TOKEN_DELETE';
 const ACTION_USER_EDITOR_SETTINGS_UPDATE = 'USER_EDITOR_SETTINGS_UPDATE';
 const ACTION_USER_IN_APP_NOTIFICATION_SETTINGS_UPDATE = 'USER_IN_APP_NOTIFICATION_SETTINGS_UPDATE';
 const ACTION_PAGE_VIEW = 'PAGE_VIEW';
@@ -203,7 +204,8 @@ export const SupportedAction = {
   ACTION_USER_LDAP_ACCOUNT_ASSOCIATE,
   ACTION_USER_LDAP_ACCOUNT_DISCONNECT,
   ACTION_USER_PASSWORD_UPDATE,
-  ACTION_USER_API_TOKEN_UPDATE,
+  ACTION_USER_ACCESS_TOKEN_CREATE,
+  ACTION_USER_ACCESS_TOKEN_DELETE,
   ACTION_USER_EDITOR_SETTINGS_UPDATE,
   ACTION_USER_IN_APP_NOTIFICATION_SETTINGS_UPDATE,
   ACTION_PAGE_VIEW,
@@ -394,7 +396,8 @@ export const MediumActionGroup = {
   ACTION_USER_LDAP_ACCOUNT_ASSOCIATE,
   ACTION_USER_LDAP_ACCOUNT_DISCONNECT,
   ACTION_USER_PASSWORD_UPDATE,
-  ACTION_USER_API_TOKEN_UPDATE,
+  ACTION_USER_ACCESS_TOKEN_CREATE,
+  ACTION_USER_ACCESS_TOKEN_DELETE,
   ACTION_USER_EDITOR_SETTINGS_UPDATE,
   ACTION_USER_IN_APP_NOTIFICATION_SETTINGS_UPDATE,
   ACTION_PAGE_LIKE,

apps/app/src/server/models/user.js

@@ -68,7 +68,6 @@ const factory = (crowi) => {
     // email: { type: String, required: true, unique: true },
     introduction: String,
     password: String,
-    apiToken: { type: String, index: true },
     lang: {
       type: String,
       enum: i18n.locales,
@@ -147,12 +146,6 @@ const factory = (crowi) => {
     return hasher.digest('hex');
   }
 
-  function generateApiToken(user) {
-    const hasher = crypto.createHash('sha256');
-    hasher.update((new Date()).getTime() + user._id);
-
-    return hasher.digest('base64');
-  }
 
   userSchema.methods.isUniqueEmail = async function() {
     const query = this.model('User').find();
@@ -213,14 +206,6 @@ const factory = (crowi) => {
     return userData;
   };
 
-  userSchema.methods.updateApiToken = async function() {
-    const self = this;
-
-    self.apiToken = generateApiToken(this);
-    const userData = await self.save();
-    return userData;
-  };
-
   // TODO: create UserService and transplant this method because image uploading depends on AttachmentService
   userSchema.methods.updateImage = async function(attachment) {
     this.imageAttachment = attachment;
@@ -446,13 +431,6 @@ const factory = (crowi) => {
     return this.findOne({ username });
   };
 
-  userSchema.statics.findUserByApiToken = function(apiToken) {
-    if (apiToken == null) {
-      return Promise.resolve(null);
-    }
-    return this.findOne({ apiToken }).lean();
-  };
-
   userSchema.statics.findUserByGoogleId = function(googleId, callback) {
     if (googleId == null) {
       callback(null, null);