feat: Add API key authentication (#1254)

Closes #945
2025-12-29 01:11:59 +03:00 · 2025-11-06 20:56:48 +01:00
parent 5a2564f575
commit b4cbd32bf2
75 changed files with 1501 additions and 94 deletions
--- a/server/config/policies.js
+++ b/server/config/policies.js
@@ -27,6 +27,8 @@ module.exports.policies = {
  'webhooks/update': ['is-authenticated', 'is-external', 'is-admin'],
  'webhooks/delete': ['is-authenticated', 'is-external', 'is-admin'],

+  'access-tokens/delete': ['is-authenticated', 'is-external', 'is-session'],
+
  'users/index': 'is-authenticated',
  'users/create': ['is-authenticated', 'is-admin'],
  'users/show': 'is-authenticated',
@@ -35,6 +37,7 @@ module.exports.policies = {
  'users/update-password': 'is-authenticated',
  'users/update-username': 'is-authenticated',
  'users/update-avatar': 'is-authenticated',
+  'users/create-api-key': ['is-authenticated', 'is-admin'],
  'users/delete': ['is-authenticated', 'is-admin'],

  'projects/create': ['is-authenticated', 'is-external', 'is-admin-or-project-owner'],
--- a/server/config/routes.js
+++ b/server/config/routes.js
@@ -89,6 +89,7 @@ module.exports.routes = {
  'PATCH /api/users/:id/password': 'users/update-password',
  'PATCH /api/users/:id/username': 'users/update-username',
  'POST /api/users/:id/avatar': 'users/update-avatar',
+  'POST /api/users/:id/api-key': 'users/create-api-key',
  'DELETE /api/users/:id': 'users/delete',

  'GET /api/projects': 'projects/index',
--- a/server/config/swagger.js
+++ b/server/config/swagger.js
@@ -31,12 +31,20 @@ module.exports = {
          scheme: 'bearer',
          bearerFormat: 'JWT',
        },
+        apiKeyAuth: {
+          type: 'apiKey',
+          in: 'header',
+          name: 'X-Api-Key',
+        },
      },
    },
    security: [
      {
        bearerAuth: [],
      },
+      {
+        apiKeyAuth: [],
+      },
    ],
  },
  apis: ['./api/controllers/**/*.js', './api/models/*.js', './api/responses/*.js'],