Merge pull request #3520 from messagerie-melanie2/master

Add createtoken API

models/exportExcel.js

@@ -385,8 +385,8 @@ export class ExporterExcel {
     }
     //add data +8 hours
     function addTZhours(jdate) {
-      let curdate = new Date(jdate);
-      let checkCorrectDate = moment(curdate);
+      const curdate = new Date(jdate);
+      const checkCorrectDate = moment(curdate);
       if (checkCorrectDate.isValid()) {
         return curdate;
       } else {

models/users.js

@@ -1760,6 +1760,38 @@ if (Meteor.isServer) {
       });
     }
   });
+
+  /**
+   * @operation create_user_token
+   *
+   * @summary Create a user token
+   *
+   * @description Only the admin user (the first user) can call the REST API.
+   *
+   * @param {string} userId the ID of the user to delete
+   * @return_type {_id: string}
+   */
+  JsonRoutes.add('POST', '/api/createtoken/:userId', function(req, res) {
+    try {
+      Authentication.checkUserId(req.userId);
+      const id = req.params.userId;
+      const token = Accounts._generateStampedLoginToken();
+      Accounts._insertLoginToken(id, token);
+
+      JsonRoutes.sendResult(res, {
+        code: 200,
+        data: {
+          _id: id,
+          authToken: token.token,
+        },
+      });
+    } catch (error) {
+      JsonRoutes.sendResult(res, {
+        code: 200,
+        data: error,
+      });
+    }
+  });
 }
 
 export default Users;

public/api/wekan.yml

@@ -245,6 +245,46 @@ paths:
                 type: string
               defaultSwimlaneId:
                 type: string
+  /api/createtoken/{user}:
+    post:
+      operationId: createtoken
+      summary: CreateToken for a user with REST API
+      description: |
+        Only the admin user (the first user) can call the REST API.
+      consumes:
+        - application/x-www-form-urlencoded
+        - application/json
+      tags:
+        - Login
+      parameters:
+        - name: user
+          in: path
+          description: |
+            the user ID
+          type: string
+          required: true
+      responses:
+        200:
+          description: |-
+            Successful
+          schema:
+            items:
+              properties:
+                id:
+                  type: string
+                token:
+                  type: string
+        400:
+          description: |
+            Error
+          schema:
+            items:
+              properties:
+                error:
+                  type: number
+                reason:
+                  type: string
+
   /api/boards/{board}:
     get:
       operationId: get_board