Generate API keys in admin UI

2019-06-15 10:24:41 +09:30 · 2019-06-15 10:24:41 +09:30 · da38fb6076
parent aabf47fc2d
commit da38fb6076
4 changed files with 47 additions and 1 deletions
--- a/public/javascripts/expressCart.js
+++ b/public/javascripts/expressCart.js
@ -204,6 +204,21 @@ $(document).ready(function (){
        });
    });

+    $(document).on('click', '#btnGenerateAPIkey', function(e){
+        e.preventDefault();
+        $.ajax({
+            method: 'POST',
+            url: '/admin/createApiKey'
+		})
+		.done(function(msg){
+            $('#apiKey').val(msg.apiKey);
+            showNotification(msg.message, 'success', true);
+        })
+        .fail(function(msg){
+            showNotification(msg.responseJSON.message, 'danger');
+        });
+    });
+
    $(document).on('click', '.product_opt_remove', function(e){
        e.preventDefault();
        var name = $(this).closest('li').find('.opt-name').html();
--- a/public/javascripts/expressCart.min.js
+++ b/public/javascripts/expressCart.min.js
--- a/routes/admin.js
+++ b/routes/admin.js
@ -8,6 +8,7 @@ const path = require('path');
 const multer = require('multer');
 const glob = require('glob');
 const mime = require('mime-type/with-db');
+const ObjectId = require('mongodb').ObjectID;
 const router = express.Router();

 // Admin section
@ -166,6 +167,27 @@ router.get('/admin/settings', common.restrict, (req, res) => {
    });
 });

+// settings update
+router.post('/admin/createApiKey', common.restrict, common.checkAccess, async (req, res) => {
+    const db = req.app.db;
+    let result = await db.users.findOneAndUpdate({
+        _id: ObjectId(req.session.userId),
+        isAdmin: true
+    }, {
+        $set: {
+            apiKey: new ObjectId()
+        }
+    }, {
+        returnOriginal: false
+    });
+
+    if(result.value && result.value.apiKey){
+        res.status(200).json({message: 'API Key generated', apiKey: result.value.apiKey});
+        return;
+    }
+    res.status(400).json({message: 'Failed to generate API Key'});
+});
+
 // settings update
 router.post('/admin/settings/update', common.restrict, common.checkAccess, (req, res) => {
    let result = common.updateConfig(req.body);
--- a/views/user_edit.hbs
+++ b/views/user_edit.hbs
@ -30,6 +30,15 @@
                    </div>
                {{/ifCond}}
            {{/isAnAdmin}}
+			<div class="form-group">
+				<label>API Key</label>
+				<div class="input-group">
+					<input type="text" class="form-control" id="apiKey" value="{{user.apiKey}}" aria-label="..." readonly>
+					<div class="input-group-btn">
+						<button id="btnGenerateAPIkey" class="btn btn-success">Generate</button>
+					</div>
+				</div>
+			</div><br/>
 		  	<div class="form-group">
    			<div class="pull-right">
      				<button type="submit" class="btn btn-success">Update</button>