Rocket.Chat/app/lib/server/methods/createToken.ts

import { Meteor } from 'meteor/meteor';
import { Accounts } from 'meteor/accounts-base';

import { hasPermission } from '../../../authorization/server';

Meteor.methods({
	createToken(userId) {
		if (
			!['yes', 'true'].includes(String(process.env.CREATE_TOKENS_FOR_USERS)) ||
			(Meteor.userId() !== userId && !hasPermission(Meteor.userId(), 'user-generate-access-token'))
		) {
			throw new Meteor.Error('error-not-authorized', 'Not authorized', { method: 'createToken' });
		}
		const token = Accounts._generateStampedLoginToken();
		Accounts._insertLoginToken(userId, token);
		return {
			userId,
			authToken: token.token,
		};
	},
});
Removal of Meteor global variable (#12371) * First wave of removal of Meteor global * Second wave of removal of Meteor global * Third wave of removal of Meteor global * Fix tests * Fix ESLint 7 years ago			`import { Meteor } from 'meteor/meteor';`
Removal of EJSON, Accounts, Email, HTTP, Random, ReactiveDict, ReactiveVar, SHA256 and WebApp global variables (#12377) * First wave of removal of Meteor global * Second wave of removal of Meteor global * Third wave of removal of Meteor global * Fix tests * Remove global variable SHA256 * Remove global variable WebApp * Remove global variable EJSON * Remove global variable Email * Remove global variable HTTP * Remove global variable Random * Remove global variable ReactiveDict * Remove global variable ReactiveVar * Remove global variable Accounts * Fix ESLint 7 years ago			`import { Accounts } from 'meteor/accounts-base';`
New eslint rules (#14332) * Fix new eslint rules * Fix eslint rules: no-unsafe-finally no-await-in-loop * More and more rules * Fix changes after lint fixes * Fix import orders * New eslint rules operator-linebreak new-parens * New eslint rule: no-useless-computed-key * New eslint rule: no-useless-constructor * Fix after develop merge * Update lint package and fix new code 7 years ago
Chore: Convert JS files to Typescript (#24410) Co-authored-by: Guilherme Gazzo <guilhermegazzo@gmail.com> 4 years ago			`import { hasPermission } from '../../../authorization/server';`
Removal of Meteor global variable (#12371) * First wave of removal of Meteor global * Second wave of removal of Meteor global * Third wave of removal of Meteor global * Fix tests * Fix ESLint 7 years ago
create a method 'create token' 9 years ago			`Meteor.methods({`
createToken just receive userId 9 years ago			`createToken(userId) {`
Chore: Prettier for us all (#24000) 4 years ago			`if (`
Chore: Convert JS files to Typescript (#24410) Co-authored-by: Guilherme Gazzo <guilhermegazzo@gmail.com> 4 years ago			`!['yes', 'true'].includes(String(process.env.CREATE_TOKENS_FOR_USERS)) \|\|`
Chore: Prettier for us all (#24000) 4 years ago			`(Meteor.userId() !== userId && !hasPermission(Meteor.userId(), 'user-generate-access-token'))`
			`) {`
create a method 'create token' 9 years ago			`throw new Meteor.Error('error-not-authorized', 'Not authorized', { method: 'createToken' });`
			`}`
			`const token = Accounts._generateStampedLoginToken();`
createToken just receive userId 9 years ago			`Accounts._insertLoginToken(userId, token);`
create a method 'create token' 9 years ago			`return {`
createToken just receive userId 9 years ago			`userId,`
Add new eslint rules (#11800) 7 years ago			`authToken: token.token,`
create a method 'create token' 9 years ago			`};`
Add new eslint rules (#11800) 7 years ago			`},`
create a method 'create token' 9 years ago			`});`