documenso/packages/lib/server-only/public-api/create-api-token.ts

import type { Duration } from 'luxon';
import { DateTime } from 'luxon';

import { prisma } from '@documenso/prisma';

import { TEAM_MEMBER_ROLE_PERMISSIONS_MAP } from '../../constants/teams';
// temporary choice for testing only
import * as timeConstants from '../../constants/time';
import { AppError, AppErrorCode } from '../../errors/app-error';
import { alphaid } from '../../universal/id';
import { buildTeamWhereQuery } from '../../utils/teams';
import { hashString } from '../auth/hash';

type TimeConstants = typeof timeConstants & {
  [key: string]: number | Duration;
};

type CreateApiTokenInput = {
  userId: number;
  teamId: number;
  tokenName: string;
  expiresIn: string | null;
};

export const createApiToken = async ({
  userId,
  teamId,
  tokenName,
  expiresIn,
}: CreateApiTokenInput) => {
  const apiToken = `api_${alphaid(16)}`;

  const hashedToken = hashString(apiToken);

  const timeConstantsRecords: TimeConstants = timeConstants;

  const team = await prisma.team.findFirst({
    where: buildTeamWhereQuery({
      teamId,
      userId,
      roles: TEAM_MEMBER_ROLE_PERMISSIONS_MAP['MANAGE_TEAM'],
    }),
  });

  if (!team) {
    throw new AppError(AppErrorCode.UNAUTHORIZED, {
      message: 'You do not have permission to create a token for this team',
    });
  }

  const storedToken = await prisma.apiToken.create({
    data: {
      name: tokenName,
      token: hashedToken,
      expires: expiresIn ? DateTime.now().plus(timeConstantsRecords[expiresIn]).toJSDate() : null,
      userId,
      teamId,
    },
  });

  return {
    id: storedToken.id,
    token: apiToken,
  };
};
feat: allow user to choose expiry date 2024-02-09 09:32:54 +00:00			`import type { Duration } from 'luxon';`
			`import { DateTime } from 'luxon';`

feat: api token functions 2023-11-24 14:13:09 +00:00			`import { prisma } from '@documenso/prisma';`

feat: add organisations (#1820) 2025-06-10 01:49:52 +00:00			`import { TEAM_MEMBER_ROLE_PERMISSIONS_MAP } from '../../constants/teams';`
feat: api token functions 2023-11-24 14:13:09 +00:00			`// temporary choice for testing only`
feat: allow user to choose expiry date 2024-02-09 09:32:54 +00:00			`import * as timeConstants from '../../constants/time';`
fix: bump trpc and openapi packages (#1591) 2025-01-19 11:07:02 +00:00			`import { AppError, AppErrorCode } from '../../errors/app-error';`
chore: implemented feedback 2023-12-21 14:02:02 +00:00			`import { alphaid } from '../../universal/id';`
feat: add organisations (#1820) 2025-06-10 01:49:52 +00:00			`import { buildTeamWhereQuery } from '../../utils/teams';`
chore: implemented feedback 2023-12-21 14:02:02 +00:00			`import { hashString } from '../auth/hash';`
feat: api token functions 2023-11-24 14:13:09 +00:00
feat: allow user to choose expiry date 2024-02-09 09:32:54 +00:00			`type TimeConstants = typeof timeConstants & {`
			`[key: string]: number \| Duration;`
			`};`

feat: api token functions 2023-11-24 14:13:09 +00:00			`type CreateApiTokenInput = {`
			`userId: number;`
feat: add organisations (#1820) 2025-06-10 01:49:52 +00:00			`teamId: number;`
feat: api token functions 2023-11-24 14:13:09 +00:00			`tokenName: string;`
feat: team api tokens 2024-02-22 02:39:34 +00:00			`expiresIn: string \| null;`
feat: api token functions 2023-11-24 14:13:09 +00:00			`};`

feat: allow user to choose expiry date 2024-02-09 09:32:54 +00:00			`export const createApiToken = async ({`
			`userId,`
feat: team api tokens 2024-02-22 02:39:34 +00:00			`teamId,`
feat: allow user to choose expiry date 2024-02-09 09:32:54 +00:00			`tokenName,`
feat: team api tokens 2024-02-22 02:39:34 +00:00			`expiresIn,`
feat: allow user to choose expiry date 2024-02-09 09:32:54 +00:00			`}: CreateApiTokenInput) => {`
chore: implemented feedback 2023-12-21 14:02:02 +00:00			const apiToken = `api_${alphaid(16)}`;

			`const hashedToken = hashString(apiToken);`
feat: api token functions 2023-11-24 14:13:09 +00:00
feat: allow user to choose expiry date 2024-02-09 09:32:54 +00:00			`const timeConstantsRecords: TimeConstants = timeConstants;`

feat: add organisations (#1820) 2025-06-10 01:49:52 +00:00			`const team = await prisma.team.findFirst({`
			`where: buildTeamWhereQuery({`
			`teamId,`
			`userId,`
			`roles: TEAM_MEMBER_ROLE_PERMISSIONS_MAP['MANAGE_TEAM'],`
			`}),`
			`});`
feat: team api tokens 2024-02-22 02:39:34 +00:00
feat: add organisations (#1820) 2025-06-10 01:49:52 +00:00			`if (!team) {`
			`throw new AppError(AppErrorCode.UNAUTHORIZED, {`
			`message: 'You do not have permission to create a token for this team',`
			`});`
feat: team api tokens 2024-02-22 02:39:34 +00:00			`}`

			`const storedToken = await prisma.apiToken.create({`
feat: api token functions 2023-11-24 14:13:09 +00:00			`data: {`
			`name: tokenName,`
feat: team api tokens 2024-02-22 02:39:34 +00:00			`token: hashedToken,`
			`expires: expiresIn ? DateTime.now().plus(timeConstantsRecords[expiresIn]).toJSDate() : null,`
feat: add team user management endpoints to api (#1416) ## Description Adds user management capabilities to our current API. Allows for adding, removing, listing and updating members of a given team using a valid API token. ## Related Issue N/A ## Changes Made - Added an endpoint for inviting a team member - Added an endpoint for removing a team member - Added an endpoint for updating a team member - Added an endpoint for listing team members ## Testing Performed Tests were written for this feature request 2024-10-22 11:53:31 +00:00			`userId,`
feat: team api tokens 2024-02-22 02:39:34 +00:00			`teamId,`
feat: api token functions 2023-11-24 14:13:09 +00:00			`},`
			`});`

chore: implemented feedback 2023-12-21 14:02:02 +00:00			`return {`
feat: team api tokens 2024-02-22 02:39:34 +00:00			`id: storedToken.id,`
chore: implemented feedback 2023-12-21 14:02:02 +00:00			`token: apiToken,`
			`};`
feat: api token functions 2023-11-24 14:13:09 +00:00			`};`