web-app-launcher/src/routes/settings/api-tokens/+page.server.ts

import type { PageServerLoad, Actions } from './$types.js';
import { requireAuth } from '$lib/server/middleware/authenticate.js';
import * as apiTokenService from '$lib/server/services/apiTokenService.js';
import { createApiTokenSchema } from '$lib/utils/validators.js';
import { fail } from '@sveltejs/kit';

export const load: PageServerLoad = async (event) => {
	const user = requireAuth(event);

	const tokens = await apiTokenService.listTokens(user.id);

	return { tokens };
};

export const actions: Actions = {
	create: async (event) => {
		const user = requireAuth(event);

		const formData = await event.request.formData();
		const name = formData.get('name') as string;
		const scope = formData.get('scope') as string;
		const expiresAt = formData.get('expiresAt') as string;

		const parsed = createApiTokenSchema.safeParse({
			name,
			scope,
			expiresAt: expiresAt || undefined
		});

		if (!parsed.success) {
			return fail(400, {
				error: parsed.error.issues.map((i) => i.message).join(', ')
			});
		}

		try {
			const result = await apiTokenService.generateToken(
				user.id,
				parsed.data.name,
				parsed.data.scope,
				parsed.data.expiresAt ?? undefined
			);

			return { token: result.token, tokenId: result.id };
		} catch (err) {
			const message = err instanceof Error ? err.message : 'Failed to create token';
			return fail(500, { error: message });
		}
	},

	revoke: async (event) => {
		const user = requireAuth(event);

		const formData = await event.request.formData();
		const tokenId = formData.get('tokenId') as string;

		if (!tokenId) {
			return fail(400, { error: 'Token ID is required' });
		}

		try {
			await apiTokenService.revokeToken(tokenId, user.id);
		} catch (err) {
			const message = err instanceof Error ? err.message : 'Failed to revoke token';
			return fail(500, { error: message });
		}

		return { success: true };
	}
};