refactor(api): ♻️ Rewrite full authentication code to go OpenID-only

2026-03-13 05:49:16 +01:00 · 2025-08-21 00:45:58 +02:00 · 2025-08-21 00:45:58 +02:00 · 4c430426d3
commit 4c430426d3
parent 132a3ed5ea
39 changed files with 3076 additions and 2009 deletions
--- a/cli/user/token.ts
+++ b/cli/user/token.ts
@ -1,4 +1,4 @@
-import { Token } from "@versia-server/kit/db";
+import { Application, Token } from "@versia-server/kit/db";
 import { randomUUIDv7 } from "bun";
 import chalk from "chalk";
 // @ts-expect-error - Root import is required or the Clec type definitions won't work
@ -22,13 +22,24 @@ export const generateTokenCommand = defineCommand(
            throw new Error(`User ${chalk.gray(username)} not found.`);
        }

+        const application = await Application.insert({
+            id:
+                user.id +
+                Buffer.from(
+                    crypto.getRandomValues(new Uint8Array(32)),
+                ).toString("base64"),
+            name: "Versia",
+            redirectUris: [],
+            scopes: ["openid", "profile", "email"],
+            secret: "",
+        });
+
        const token = await Token.insert({
            id: randomUUIDv7(),
            accessToken: randomString(64, "base64url"),
-            code: null,
-            scope: "read write follow",
-            tokenType: "Bearer",
+            scopes: ["read", "write", "follow"],
            userId: user.id,
+            clientId: application.id,
        });

        console.info(