@vendure/core
Version:
A modern, headless ecommerce framework
48 lines (47 loc) • 1.98 kB
TypeScript
import { DeepPartial, ID } from '@vendure/common/lib/shared-types';
import { Channel } from '..';
import { ChannelAware, LocaleString, SoftDeletable, Translatable, Translation } from '../../common';
import { HasCustomFields } from '../../config/custom-field/custom-field-types';
import { VendureEntity } from '../base/base.entity';
import { CustomApiKeyFields } from '../custom-entity-fields';
import { User } from '../user/user.entity';
/**
* @description
* An ApiKey is mostly used for authenticating non-interactive clients such as scripts
* or other types of services. An ApiKey is associated with a {@link User} whose
* permissions will apply when the ApiKey is used for authorization.
*
* Similar to how passwords are handled, only a hash of the API key is stored in the database
* meaning, generated API-Keys are not viewable after creation, Users are responsible for storing them.
*
* Hence, if a User forgets their ApiKey, the old one must be deleted and a new one created.
* This is called "rotating" an ApiKey.
*
* @docsCategory entities
*/
export declare class ApiKey extends VendureEntity implements HasCustomFields, ChannelAware, Translatable, SoftDeletable {
constructor(input?: DeepPartial<ApiKey>);
/**
* ID by which we can look up the API-Key.
* Also helps you identify keys without leaking the underlying secret API-Key.
*/
lookupId: string;
apiKeyHash: string;
lastUsedAt: Date | null;
deletedAt: Date | null;
/**
* Usually the user who created the ApiKey but could also be used as the basis for
* restricting resolvers to `Permission.Owner` queries for customers for example.
*/
owner: User;
ownerId: ID;
/**
* This is the underlying User which determines the kind of permissions for this API-Key.
*/
user: User;
userId: ID;
channels: Channel[];
translations: Array<Translation<ApiKey>>;
customFields: CustomApiKeyFields;
name: LocaleString;
}