enhance(api): アクセストークンを作成する際、createdAtをlastUsedAtを揃えるようにして、未使用かどうかを判定できるように

2bdcd22a · syuilo · f73a4e13 · 2bdcd22a · 2bdcd22a
Commit 2bdcd22a authored 4 years ago by syuilo
--- a/src/server/api/endpoints/auth/accept.ts
+++ b/src/server/api/endpoints/auth/accept.ts
@@ -56,11 +56,13 @@ export default define(meta, async (ps, user) => {
 		sha256.update(accessToken + app.secret);
 		const hash = sha256.digest('hex');

+		const now = new Date();
+
 		// Insert access token doc
 		await AccessTokens.save({
 			id: genId(),
-			createdAt: new Date(),
-			lastUsedAt: new Date(),
+			createdAt: now,
+			lastUsedAt: now,
 			appId: session.appId,
 			userId: user.id,
 			token: accessToken,

--- a/src/server/api/endpoints/miauth/gen-token.ts
+++ b/src/server/api/endpoints/miauth/gen-token.ts
@@ -38,11 +38,13 @@ export default define(meta, async (ps, user) => {
 	// Generate access token
 	const accessToken = secureRndstr(32, true);

+	const now = new Date();
+
 	// Insert access token doc
 	await AccessTokens.save({
 		id: genId(),
-		createdAt: new Date(),
-		lastUsedAt: new Date(),
+		createdAt: now,
+		lastUsedAt: now,
 		session: ps.session,
 		userId: user.id,
 		token: accessToken,