refactor(user-tokens): migrate from server#2279
Conversation
a9a75b7 to
64a5234
Compare
b37e308 to
0331d48
Compare
0331d48 to
c53cb23
Compare
09f3402 to
b667443
Compare
1b31261 to
f16a730
Compare
cecad1b to
10b4770
Compare
|
🤖 Hey ! The security scan report for the current pull request is available here. |
0eb3e93 to
43d21dc
Compare
|
🤖 Hey ! The security scan report for the current pull request is available here. |
2e5abec to
09ac7ac
Compare
|
🤖 Hey ! The security scan report for the current pull request is available here. |
09ac7ac to
7b8a3c7
Compare
|
🤖 Hey ! The security scan report for the current pull request is available here. |
7b8a3c7 to
a1e4df7
Compare
|
🤖 Hey ! The security scan report for the current pull request is available here. |
a1e4df7 to
125804c
Compare
|
🤖 Hey ! The security scan report for the current pull request is available here. |
125804c to
aa3de07
Compare
|
🤖 Hey ! The security scan report for the current pull request is available here. |
aa3de07 to
e5ce635
Compare
|
🤖 Hey ! The security scan report for the current pull request is available here. |
60bbb8e to
d7d0c3b
Compare
|
🤖 Hey ! The security scan report for the current pull request is available here. |
1 similar comment
|
🤖 Hey ! The security scan report for the current pull request is available here. |
d7d0c3b to
6bfdd13
Compare
|
🤖 Hey ! The security scan report for the current pull request is available here. |
6bfdd13 to
b5b5107
Compare
|
🤖 Hey ! The security scan report for the current pull request is available here. |
b5b5107 to
3b957fa
Compare
|
🤖 Hey ! The security scan report for the current pull request is available here. |
Signed-off-by: Shikanime Deva <william.phetsinorath@shikanime.studio> Change-Id: I5b6db65fcf411b3bfddc4a72430b8d4c6a6a6964
3b957fa to
259a636
Compare
|
🤖 Hey ! The security scan report for the current pull request is available here. |
|
There was a problem hiding this comment.
issue: tant qu'on n'a pas statué sur le sujet, je préfère qu'on ne commite aucun "plan"
| | Decision | Choix | | ||
| |----------|-------| | ||
| | Approche migration | Bottom-up (feuilles d'abord, puis remontee vers les modules couples) | | ||
| | Approche migration | Bottom-up (feuilles d'abord, puis remonttee vers les modules couples) | |
There was a problem hiding this comment.
| | Approche migration | Bottom-up (feuilles d'abord, puis remonttee vers les modules couples) | | |
| | Approche migration | Bottom-up (feuilles d'abord, puis remontée vers les modules couples) | |
| @Get() | ||
| @RequireAdminPermission('ListAdminToken') | ||
| async list(@Query('withRevoked') withRevoked?: string) { | ||
| return this.service.list(withRevoked !== undefined && withRevoked !== 'false') |
There was a problem hiding this comment.
suggestion: ça ne serait pas mieux avec:
| return this.service.list(withRevoked !== undefined && withRevoked !== 'false') | |
| return this.service.list(withRevoked === 'true') |
?
Parce que bon avec withRevoked = "chocapics", ça passe 😅
| constructor(@Inject(PrismaService) private readonly prisma: PrismaService) {} | ||
|
|
||
| @StartActiveSpan() | ||
| async list(withRevoked?: boolean) { |
There was a problem hiding this comment.
suggestion: Ouais donc effectivement y a zéro raison que withRevoked soit autre chose qu'un booléen.
Parse, don't validate
| this.logger.log(`adminToken.create started (tokenName=${data.name})`) | ||
|
|
||
| if (data.expirationDate && !isAtLeastTomorrow(new Date(data.expirationDate))) { | ||
| this.logger.warn(`adminToken.create rejected (tokenName=${data.name}, reason=expirationTooSoon)`) |
There was a problem hiding this comment.
issue: la date peut aussi être invalide (new Date("toto") === "Invalid Date"), et je ne vois rien qui l'indique clairement.
Niveau traçabilité, c'est pas top
| try { | ||
| const response = await fetch(url) | ||
| if (response.status < 500) return indicator.up({ httpStatus: response.status }) | ||
| if (response.status < HttpStatus.INTERNAL_SERVER_ERROR) return indicator.up({ httpStatus: response.status }) |
There was a problem hiding this comment.
praise: Ah ben je me demandais dans une autre MR si on avait des constantes pour ça. Je me disais bien qu'on avait ce qu'il faut 😁
|
|
||
| @Get() | ||
| async list(@AuthUser() user: UserContext) { | ||
| if (!user.userId || user.userType !== 'human') { |
There was a problem hiding this comment.
issue: s/'human'/HUMAN_KIND
| } | ||
|
|
||
| @Post() | ||
| @HttpCode(201) |
There was a problem hiding this comment.
suggestion: Mais du coup on peut utiliser les constantes des codes HTTP ici, non ? 😏
| hash: 'hash-2', | ||
| }) | ||
|
|
||
| const result = await service.create({ name: 'my-token', expirationDate: '2099-01-01' }, userId) |
There was a problem hiding this comment.
thought: Je me demande toujours, quand il s'agit de dates, si on est timezone-safe 🤔
D'autant que n'importe qui peut appeler l'API (légitimement j'entends)
| const password = generateRandomPassword(48, 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789-') | ||
| const salt = randomBytes(16).toString('hex') | ||
| const derivedKey = scryptSync(password, salt, 64).toString('hex') | ||
| const hash = `${salt}:${derivedKey}` |
There was a problem hiding this comment.
suggestion: Bon ben ça fait deux, là, non ? 😁

0 New Issues
0 Fixed Issues
0 Accepted Issues
Issues liées
Issues numéro: #1889
Quel est le comportement actuel ?
Quel est le nouveau comportement ?
Cette PR introduit-elle un breaking change ?
Autres informations