zhengchen.tao/ezbookkeeping
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

add a special token type for MCP

Browse Source
This commit is contained in:
MaysWind
2025-07-07 01:20:38 +08:00
parent fbaf6086e3
commit 0140fc7622
26 changed files with 424 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files
cmd/user_data.go
+18 -1
View File
@@ -260,6 +260,12 @@ var UserData = &cli.Command{
Required: true,
Usage: "Specific user name",
},
&cli.StringFlag{
Name: "type",
Aliases: []string{"t"},
Required: false,
Usage: "Specific token type, supports \"normal\" and \"mcp\", default is \"normal\"",
},
},
},
{
@@ -702,7 +708,18 @@ func createNewUserToken(c *core.CliContext) error {
}
username := c.String("username")
token, tokenString, err := clis.UserData.CreateNewUserToken(c, username)
tokenType := c.String("type")
if tokenType == "" {
tokenType = "normal"
}
if tokenType != "normal" && tokenType != "mcp" {
log.CliErrorf(c, "[user_data.createNewUserToken] token type is invalid")
return nil
}
token, tokenString, err := clis.UserData.CreateNewUserToken(c, username, tokenType)
if err != nil {
log.CliErrorf(c, "[user_data.createNewUserToken] error occurs when creating user token")
cmd/webserver.go
+2 -1
View File
@@ -226,7 +226,7 @@ func startWebServer(c *core.CliContext) error {
mcpRoute.Use(bindMiddleware(middlewares.RequestId(config)))
mcpRoute.Use(bindMiddleware(middlewares.RequestLog))
mcpRoute.Use(bindMiddleware(middlewares.MCPServerIpLimit(config)))
mcpRoute.Use(bindMiddleware(middlewares.JWTAuthorization))
mcpRoute.Use(bindMiddleware(middlewares.JWTMCPAuthorization))
{
mcpRoute.POST("", bindJSONRPCApi(map[string]core.JSONRPCApiHandlerFunc{
"initialize": api.ModelContextProtocols.InitializeHandler,
@@ -289,6 +289,7 @@ func startWebServer(c *core.CliContext) error {
{
// Tokens
apiV1Route.GET("/tokens/list.json", bindApi(api.Tokens.TokenListHandler))
apiV1Route.POST("/tokens/generate/mcp.json", bindApi(api.Tokens.TokenGenerateMCPHandler))
apiV1Route.POST("/tokens/revoke.json", bindApi(api.Tokens.TokenRevokeHandler))
apiV1Route.POST("/tokens/revoke_all.json", bindApi(api.Tokens.TokenRevokeAllHandler))
apiV1Route.POST("/tokens/refresh.json", bindApiWithTokenUpdate(api.Tokens.TokenRefreshHandler, config))
pkg/api/tokens.go
+44 -1
View File
@@ -46,7 +46,7 @@ var (
// TokenListHandler returns available token list of current user
func (a *TokensApi) TokenListHandler(c *core.WebContext) (any, *errs.Error) {
uid := c.GetCurrentUid()
tokens, err := a.tokens.GetAllUnexpiredNormalTokensByUid(c, uid)
tokens, err := a.tokens.GetAllUnexpiredNormalAndMCPTokensByUid(c, uid)
if err != nil {
log.Errorf(c, "[tokens.TokenListHandler] failed to get all tokens for user \"uid:%d\", because %s", uid, err.Error())
@@ -69,6 +69,10 @@ func (a *TokensApi) TokenListHandler(c *core.WebContext) (any, *errs.Error) {
tokenResp.IsCurrent = true
}
if token.TokenType == core.USER_TOKEN_TYPE_MCP && token.UserAgent != services.TokenUserAgentCreatedViaCli {
tokenResp.UserAgent = services.TokenUserAgentForMCP
}
tokenResps[i] = tokenResp
}
@@ -77,6 +81,45 @@ func (a *TokensApi) TokenListHandler(c *core.WebContext) (any, *errs.Error) {
return tokenResps, nil
}
// TokenGenerateMCPHandler generates a new MCP token for current user
func (a *TokensApi) TokenGenerateMCPHandler(c *core.WebContext) (any, *errs.Error) {
var generateMCPTokenReq models.TokenGenerateMCPRequest
err := c.ShouldBindJSON(&generateMCPTokenReq)
if err != nil {
log.Warnf(c, "[tokens.TokenGenerateMCPHandler] parse request failed, because %s", err.Error())
return nil, errs.NewIncompleteOrIncorrectSubmissionError(err)
}
uid := c.GetCurrentUid()
user, err := a.users.GetUserById(c, uid)
if err != nil {
log.Warnf(c, "[tokens.TokenGenerateMCPHandler] failed to get user \"uid:%d\" info, because %s", uid, err.Error())
return nil, errs.ErrUserNotFound
}
if !a.users.IsPasswordEqualsUserPassword(generateMCPTokenReq.Password, user) {
return nil, errs.ErrUserPasswordWrong
}
token, claims, err := a.tokens.CreateMCPToken(c, user)
if err != nil {
log.Errorf(c, "[tokens.TokenGenerateMCPHandler] failed to create mcp token for user \"uid:%d\", because %s", user.Uid, err.Error())
return nil, errs.Or(err, errs.ErrTokenGenerating)
}
log.Infof(c, "[tokens.TokenGenerateMCPHandler] user \"uid:%d\" has generated mcp token, new token will be expired at %d", user.Uid, claims.ExpiresAt)
generateMCPTokenResp := &models.TokenGenerateMCPResponse{
Token: token,
MCPUrl: a.CurrentConfig().RootUrl + "mcp",
}
return generateMCPTokenResp, nil
}
// TokenRevokeCurrentHandler revokes current token of current user
func (a *TokensApi) TokenRevokeCurrentHandler(c *core.WebContext) (any, *errs.Error) {
_, claims, err := a.tokens.ParseTokenByHeader(c)
pkg/cli/user_data.go
+12 -3
View File
@@ -394,7 +394,7 @@ func (l *UserDataCli) ListUserTokens(c *core.CliContext, username string) ([]*mo
return nil, err
}
tokens, err := l.tokens.GetAllUnexpiredNormalTokensByUid(c, uid)
tokens, err := l.tokens.GetAllUnexpiredNormalAndMCPTokensByUid(c, uid)
if err != nil {
log.CliErrorf(c, "[user_data.ListUserTokens] failed to get tokens of user \"%s\", because %s", username, err.Error())
@@ -405,7 +405,7 @@ func (l *UserDataCli) ListUserTokens(c *core.CliContext, username string) ([]*mo
}
// CreateNewUserToken returns a new token for the specified user
func (l *UserDataCli) CreateNewUserToken(c *core.CliContext, username string) (*models.TokenRecord, string, error) {
func (l *UserDataCli) CreateNewUserToken(c *core.CliContext, username string, tokenType string) (*models.TokenRecord, string, error) {
if username == "" {
log.CliErrorf(c, "[user_data.CreateNewUserToken] user name is empty")
return nil, "", errs.ErrUsernameIsEmpty
@@ -418,7 +418,16 @@ func (l *UserDataCli) CreateNewUserToken(c *core.CliContext, username string) (*
return nil, "", err
}
token, tokenRecord, err := l.tokens.CreateTokenViaCli(c, user)
var token string
var tokenRecord *models.TokenRecord
if tokenType == "mcp" {
token, tokenRecord, err = l.tokens.CreateMCPTokenViaCli(c, user)
} else if tokenType == "normal" {
token, tokenRecord, err = l.tokens.CreateTokenViaCli(c, user)
} else {
return nil, "", errs.ErrParameterInvalid
}
if err != nil {
log.CliErrorf(c, "[user_data.CreateNewUserToken] failed to create token for user \"%s\", because %s", username, err.Error())
pkg/core/token_claims.go
+1
View File
@@ -15,6 +15,7 @@ const (
USER_TOKEN_TYPE_REQUIRE_2FA TokenType = 2
USER_TOKEN_TYPE_EMAIL_VERIFY TokenType = 3
USER_TOKEN_TYPE_PASSWORD_RESET TokenType = 4
USER_TOKEN_TYPE_MCP TokenType = 5
)
// UserTokenClaims represents user token
pkg/middlewares/authorization.go
+20 -1
View File
@@ -94,6 +94,25 @@ func JWTResetPasswordAuthorization(c *core.WebContext) {
c.Next()
}
// JWTMCPAuthorization verifies whether current request is valid by jwt mcp token in header
func JWTMCPAuthorization(c *core.WebContext) {
claims, err := getTokenClaims(c, TOKEN_SOURCE_TYPE_HEADER)
if err != nil {
utils.PrintJsonErrorResult(c, err)
return
}
if claims.Type != core.USER_TOKEN_TYPE_MCP {
log.Warnf(c, "[authorization.jwtAuthorization] user \"uid:%d\" token type (%d) is not mcp token", claims.Uid, claims.Type)
utils.PrintJsonErrorResult(c, errs.ErrCurrentInvalidTokenType)
return
}
c.SetTokenClaims(claims)
c.Next()
}
func jwtAuthorization(c *core.WebContext, source TokenSourceType) {
claims, err := getTokenClaims(c, source)
@@ -109,7 +128,7 @@ func jwtAuthorization(c *core.WebContext, source TokenSourceType) {
}
if claims.Type != core.USER_TOKEN_TYPE_NORMAL {
log.Warnf(c, "[authorization.jwtAuthorization] user \"uid:%d\" token type is invalid", claims.Uid)
log.Warnf(c, "[authorization.jwtAuthorization] user \"uid:%d\" token type (%d) is invalid", claims.Uid, claims.Type)
utils.PrintJsonErrorResult(c, errs.ErrCurrentInvalidTokenType)
return
}
pkg/models/token_record.go
+11
View File
@@ -17,11 +17,22 @@ type TokenRecord struct {
LastSeenUnixTime int64
}
// TokenGenerateMCPRequest represents all parameters of mcp token generation request
type TokenGenerateMCPRequest struct {
Password string `json:"password" binding:"omitempty,min=6,max=128"`
}
// TokenRevokeRequest represents all parameters of token revoking request
type TokenRevokeRequest struct {
TokenId string `json:"tokenId" binding:"required,notBlank"`
}
// TokenGenerateMCPResponse represents all response parameters of generated mcp token
type TokenGenerateMCPResponse struct {
Token string `json:"token"`
MCPUrl string `json:"mcpUrl"`
}
// TokenRefreshResponse represents all parameters of token refreshing request
type TokenRefreshResponse struct {
NewToken string `json:"newToken,omitempty"`
pkg/services/tokens.go
+26 -4
View File
@@ -19,6 +19,14 @@ import (
"github.com/mayswind/ezbookkeeping/pkg/utils"
)
// TokenUserAgentCreatedViaCli is the user agent of token created via cli
const TokenUserAgentCreatedViaCli = "ezbookkeeping Cli"
// TokenUserAgentForMCP is the user agent for MCP token
const TokenUserAgentForMCP = "ezbookkeeping MCP"
const tokenMaxExpiredAtUnixTime = int64(253402300799) // 9999-12-31 23:59:59 UTC
// TokenService represents user token service
type TokenService struct {
ServiceUsingDB
@@ -49,8 +57,8 @@ func (s *TokenService) GetAllTokensByUid(c core.Context, uid int64) ([]*models.T
return tokenRecords, err
}
// GetAllUnexpiredNormalTokensByUid returns all available token models of given user
func (s *TokenService) GetAllUnexpiredNormalTokensByUid(c core.Context, uid int64) ([]*models.TokenRecord, error) {
// GetAllUnexpiredNormalAndMCPTokensByUid returns all available token models of given user
func (s *TokenService) GetAllUnexpiredNormalAndMCPTokensByUid(c core.Context, uid int64) ([]*models.TokenRecord, error) {
if uid <= 0 {
return nil, errs.ErrUserIdInvalid
}
@@ -58,7 +66,7 @@ func (s *TokenService) GetAllUnexpiredNormalTokensByUid(c core.Context, uid int6
now := time.Now().Unix()
var tokenRecords []*models.TokenRecord
err := s.TokenDB(uid).NewSession(c).Cols("uid", "user_token_id", "token_type", "user_agent", "created_unix_time", "expired_unix_time", "last_seen_unix_time").Where("uid=? AND token_type=? AND expired_unix_time>?", uid, core.USER_TOKEN_TYPE_NORMAL, now).Find(&tokenRecords)
err := s.TokenDB(uid).NewSession(c).Cols("uid", "user_token_id", "token_type", "user_agent", "created_unix_time", "expired_unix_time", "last_seen_unix_time").Where("uid=? AND (token_type=? OR token_type=?) AND expired_unix_time>?", uid, core.USER_TOKEN_TYPE_NORMAL, core.USER_TOKEN_TYPE_MCP, now).Find(&tokenRecords)
return tokenRecords, err
}
@@ -80,7 +88,7 @@ func (s *TokenService) ParseTokenByCookie(c *core.WebContext, tokenCookieName st
// CreateTokenViaCli generates a new normal token and saves to database
func (s *TokenService) CreateTokenViaCli(c *core.CliContext, user *models.User) (string, *models.TokenRecord, error) {
token, _, tokenRecord, err := s.createToken(c, user, core.USER_TOKEN_TYPE_NORMAL, "ezbookkeeping Cli", s.CurrentConfig().TokenExpiredTimeDuration)
token, _, tokenRecord, err := s.createToken(c, user, core.USER_TOKEN_TYPE_NORMAL, TokenUserAgentCreatedViaCli, s.CurrentConfig().TokenExpiredTimeDuration)
return token, tokenRecord, err
}
@@ -120,6 +128,20 @@ func (s *TokenService) CreatePasswordResetTokenWithoutUserAgent(c core.Context,
return token, claims, err
}
// CreateMCPToken generates a new MCP token and saves to database
func (s *TokenService) CreateMCPToken(c *core.WebContext, user *models.User) (string, *core.UserTokenClaims, error) {
tokenExpiredTimeDuration := time.Unix(tokenMaxExpiredAtUnixTime, 0).Sub(time.Now())
token, claims, _, err := s.createToken(c, user, core.USER_TOKEN_TYPE_MCP, s.getUserAgent(c), tokenExpiredTimeDuration)
return token, claims, err
}
// CreateMCPTokenViaCli generates a new MCP token and saves to database
func (s *TokenService) CreateMCPTokenViaCli(c *core.CliContext, user *models.User) (string, *models.TokenRecord, error) {
tokenExpiredTimeDuration := time.Unix(tokenMaxExpiredAtUnixTime, 0).Sub(time.Now())
token, _, tokenRecord, err := s.createToken(c, user, core.USER_TOKEN_TYPE_MCP, TokenUserAgentCreatedViaCli, tokenExpiredTimeDuration)
return token, tokenRecord, err
}
// UpdateTokenLastSeen updates the last seen time of specified token
func (s *TokenService) UpdateTokenLastSeen(c core.Context, tokenRecord *models.TokenRecord) error {
if tokenRecord.Uid <= 0 {
src/lib/services.ts
+5
View File
@@ -106,6 +106,8 @@ import type {
TransactionTemplateInfoResponse
} from '@/models/transaction_template.ts';
import type {
TokenGenerateMCPRequest,
TokenGenerateMCPResponse,
TokenRefreshResponse,
TokenInfoResponse
} from '@/models/token.ts';
@@ -289,6 +291,9 @@ export default {
getTokens: (): ApiResponsePromise<TokenInfoResponse[]> => {
return axios.get<ApiResponse<TokenInfoResponse[]>>('v1/tokens/list.json');
},
generateMCPToken: (req: TokenGenerateMCPRequest): ApiResponsePromise<TokenGenerateMCPResponse> => {
return axios.post<ApiResponse<TokenGenerateMCPResponse>>('v1/tokens/generate/mcp.json', req);
},
revokeToken: ({ tokenId, ignoreError }: { tokenId: string, ignoreError?: boolean }): ApiResponsePromise<boolean> => {
return axios.post<ApiResponse<boolean>>('v1/tokens/revoke.json', {
tokenId: tokenId
src/lib/session.ts
+11 -3
View File
@@ -1,6 +1,11 @@
import uaParser from 'ua-parser-js';
import { TOKEN_CLI_USER_AGENT, type TokenInfoResponse, SessionInfo } from '@/models/token.ts';
import {
TOKEN_TYPE_MCP,
TOKEN_CLI_USER_AGENT,
type TokenInfoResponse,
SessionInfo
} from '@/models/token.ts';
interface UserAgentInfo {
readonly device: {
@@ -81,11 +86,14 @@ function parseDeviceInfo(uaInfo: UserAgentInfo): string {
}
export function parseSessionInfo(token: TokenInfoResponse): SessionInfo {
const isCreateForMCP = token.tokenType === TOKEN_TYPE_MCP;
const isCreatedByCli = isSessionUserAgentCreatedByCli(token.userAgent);
const uaInfo = parseUserAgent(token.userAgent);
let deviceType = '';
if (isCreatedByCli) {
if (isCreateForMCP) {
deviceType = 'mcp';
} else if (isCreatedByCli) {
deviceType = 'cli';
} else {
if (uaInfo && uaInfo.device) {
@@ -109,7 +117,7 @@ export function parseSessionInfo(token: TokenInfoResponse): SessionInfo {
token.tokenId,
token.isCurrent,
deviceType,
isCreatedByCli ? token.userAgent : parseDeviceInfo(uaInfo),
isCreateForMCP || isCreatedByCli ? token.userAgent : parseDeviceInfo(uaInfo),
isCreatedByCli,
token.lastSeen
);
src/locales/de.json
+5
View File
@@ -1331,6 +1331,7 @@
"Update": "Aktualisieren",
"Refresh": "Aktualisieren",
"Clear": "Löschen",
"Generate": "Generate",
"None": "Keine",
"Unspecified": "Nicht angegeben",
"Not set": "Nicht festgelegt",
@@ -1349,6 +1350,8 @@
"Enabled": "Aktiviert",
"Disable": "Deaktivieren",
"Disabled": "Deaktiviert",
"Configuration": "Configuration",
"Token": "Token",
"Copy": "Kopieren",
"Visible": "Sichtbar",
"Show": "Anzeigen",
@@ -2052,6 +2055,8 @@
"Show Hidden Transaction Templates": "Versteckte Transaktionsvorlagen anzeigen",
"Hide Hidden Transaction Templates": "Versteckte Transaktionsvorlagen ausblenden",
"Template name cannot be blank": "Vorlagenname darf nicht leer sein",
"Generate MCP token": "Generate MCP token",
"Unable to generate token": "Unable to generate token",
"Are you sure you want to logout from this session?": "Sind Sie sicher, dass Sie sich von dieser Sitzung abmelden möchten?",
"Unable to logout from this session": "Abmeldung von dieser Sitzung nicht möglich",
"Are you sure you want to logout all other sessions?": "Sind Sie sicher, dass Sie alle anderen Sitzungen abmelden möchten?",
src/locales/en.json
+5
View File
@@ -1331,6 +1331,7 @@
"Update": "Update",
"Refresh": "Refresh",
"Clear": "Clear",
"Generate": "Generate",
"None": "None",
"Unspecified": "Unspecified",
"Not set": "Not set",
@@ -1349,6 +1350,8 @@
"Enabled": "Enabled",
"Disable": "Disable",
"Disabled": "Disabled",
"Configuration": "Configuration",
"Token": "Token",
"Copy": "Copy",
"Visible": "Visible",
"Show": "Show",
@@ -2052,6 +2055,8 @@
"Show Hidden Transaction Templates": "Show Hidden Transaction Templates",
"Hide Hidden Transaction Templates": "Hide Hidden Transaction Templates",
"Template name cannot be blank": "Template name cannot be blank",
"Generate MCP token": "Generate MCP token",
"Unable to generate token": "Unable to generate token",
"Are you sure you want to logout from this session?": "Are you sure you want to logout from this session?",
"Unable to logout from this session": "Unable to logout from this session",
"Are you sure you want to logout all other sessions?": "Are you sure you want to logout all other sessions?",
src/locales/es.json
+5
View File
@@ -1331,6 +1331,7 @@
"Update": "Actualizar",
"Refresh": "Refrescar",
"Clear": "Claro",
"Generate": "Generate",
"None": "Ninguno",
"Unspecified": "No especificado",
"Not set": "No establecido",
@@ -1349,6 +1350,8 @@
"Enabled": "Activado",
"Disable": "Desactivar",
"Disabled": "Desactivado",
"Configuration": "Configuration",
"Token": "Token",
"Copy": "Copiar",
"Visible": "Visible",
"Show": "Mostrar",
@@ -2052,6 +2055,8 @@
"Show Hidden Transaction Templates": "Mostrar plantillas de transacciones ocultas",
"Hide Hidden Transaction Templates": "Ocultar plantillas de transacciones ocultas",
"Template name cannot be blank": "El nombre de la plantilla no puede estar en blanco",
"Generate MCP token": "Generate MCP token",
"Unable to generate token": "Unable to generate token",
"Are you sure you want to logout from this session?": "¿Está seguro de que desea cerrar sesión en esta sesión?",
"Unable to logout from this session": "No se puede cerrar sesión en esta sesión",
"Are you sure you want to logout all other sessions?": "¿Está seguro de que desea cerrar sesión en todas las demás sesiones?",
src/locales/it.json
+5
View File
@@ -1331,6 +1331,7 @@
"Update": "Aggiorna",
"Refresh": "Aggiorna",
"Clear": "Pulisci",
"Generate": "Generate",
"None": "Nessuno",
"Unspecified": "Non specificato",
"Not set": "Non impostato",
@@ -1349,6 +1350,8 @@
"Enabled": "Abilitato",
"Disable": "Disabilita",
"Disabled": "Disabilitato",
"Configuration": "Configuration",
"Token": "Token",
"Copy": "Copia",
"Visible": "Visibile",
"Show": "Mostra",
@@ -2052,6 +2055,8 @@
"Show Hidden Transaction Templates": "Mostra modelli transazione nascosti",
"Hide Hidden Transaction Templates": "Nascondi modelli transazione nascosti",
"Template name cannot be blank": "Il nome del modello non può essere vuoto",
"Generate MCP token": "Generate MCP token",
"Unable to generate token": "Unable to generate token",
"Are you sure you want to logout from this session?": "Sei sicuro di voler uscire da questa sessione?",
"Unable to logout from this session": "Impossibile uscire da questa sessione",
"Are you sure you want to logout all other sessions?": "Sei sicuro di voler uscire da tutte le altre sessioni?",
src/locales/ja.json
+5
View File
@@ -1331,6 +1331,7 @@
"Update": "アップデート",
"Refresh": "リフレッシュ",
"Clear": "消去",
"Generate": "Generate",
"None": "なし",
"Unspecified": "不特定",
"Not set": "セットしていない",
@@ -1349,6 +1350,8 @@
"Enabled": "有効になっています",
"Disable": "無効",
"Disabled": "無効になっています",
"Configuration": "Configuration",
"Token": "Token",
"Copy": "コピー",
"Visible": "見える",
"Show": "表示",
@@ -2052,6 +2055,8 @@
"Show Hidden Transaction Templates": "非表示取引テンプレートを表示します",
"Hide Hidden Transaction Templates": "非表示取引テンプレートを非表示にします",
"Template name cannot be blank": "テンプレート名は空欄にできません",
"Generate MCP token": "Generate MCP token",
"Unable to generate token": "Unable to generate token",
"Are you sure you want to logout from this session?": "このセッションからログアウトしますか?",
"Unable to logout from this session": "このセッションからログアウトできません",
"Are you sure you want to logout all other sessions?": "他のすべてのセッションをログアウトしますか?",
src/locales/pt_BR.json
+5
View File
@@ -1331,6 +1331,7 @@
"Update": "Atualizar",
"Refresh": "Atualizar",
"Clear": "Limpar",
"Generate": "Generate",
"None": "Nenhum",
"Unspecified": "Não especificado",
"Not set": "Não definido",
@@ -1349,6 +1350,8 @@
"Enabled": "Habilitado",
"Disable": "Desabilitar",
"Disabled": "Desabilitado",
"Configuration": "Configuration",
"Token": "Token",
"Copy": "Copiar",
"Visible": "Visível",
"Show": "Mostrar",
@@ -2052,6 +2055,8 @@
"Show Hidden Transaction Templates": "Mostrar Modelos de Transação Ocultos",
"Hide Hidden Transaction Templates": "Ocultar Modelos de Transação Ocultos",
"Template name cannot be blank": "O nome do modelo não pode estar em branco",
"Generate MCP token": "Generate MCP token",
"Unable to generate token": "Unable to generate token",
"Are you sure you want to logout from this session?": "Tem certeza de que deseja sair desta sessão?",
"Unable to logout from this session": "Não foi possível sair desta sessão",
"Are you sure you want to logout all other sessions?": "Tem certeza de que deseja sair de todas as outras sessões?",
src/locales/ru.json
+5
View File
@@ -1331,6 +1331,7 @@
"Update": "Обновить",
"Refresh": "Обновить",
"Clear": "Очистить",
"Generate": "Generate",
"None": "Нет",
"Unspecified": "Не указано",
"Not set": "Не установлено",
@@ -1349,6 +1350,8 @@
"Enabled": "Включено",
"Disable": "Отключить",
"Disabled": "Отключено",
"Configuration": "Configuration",
"Token": "Token",
"Copy": "Копировать",
"Visible": "Видимый",
"Show": "Показать",
@@ -2052,6 +2055,8 @@
"Show Hidden Transaction Templates": "Показать скрытые шаблоны транзакций",
"Hide Hidden Transaction Templates": "Скрыть скрытые шаблоны транзакций",
"Template name cannot be blank": "Название шаблона не может быть пустым",
"Generate MCP token": "Generate MCP token",
"Unable to generate token": "Unable to generate token",
"Are you sure you want to logout from this session?": "Вы уверены, что хотите выйти из этой сессии?",
"Unable to logout from this session": "Не удалось выйти из этой сессии",
"Are you sure you want to logout all other sessions?": "Вы уверены, что хотите выйти из всех других сессий?",
src/locales/uk.json
+5
View File
@@ -1331,6 +1331,7 @@
"Update": "Оновити",
"Refresh": "Оновити",
"Clear": "Очистити",
"Generate": "Generate",
"None": "Немає",
"Unspecified": "Не вказано",
"Not set": "Не встановлено",
@@ -1349,6 +1350,8 @@
"Enabled": "Увімкнено",
"Disable": "Вимкнути",
"Disabled": "Вимкнено",
"Configuration": "Configuration",
"Token": "Token",
"Copy": "Копіювати",
"Visible": "Видимий",
"Show": "Показати",
@@ -2052,6 +2055,8 @@
"Show Hidden Transaction Templates": "Показати приховані шаблони транзакцій",
"Hide Hidden Transaction Templates": "Приховати приховані шаблони транзакцій",
"Template name cannot be blank": "Назва шаблону не може бути порожньою",
"Generate MCP token": "Generate MCP token",
"Unable to generate token": "Unable to generate token",
"Are you sure you want to logout from this session?": "Ви впевнені, що хочете вийти з цієї сесії?",
"Unable to logout from this session": "Не вдалося вийти з цієї сесії",
"Are you sure you want to logout all other sessions?": "Ви впевнені, що хочете вийти з усіх інших сесій?",
src/locales/vi.json
+5
View File
@@ -1331,6 +1331,7 @@
"Update": "Cập nhật",
"Refresh": "Làm mới",
"Clear": "Xóa",
"Generate": "Generate",
"None": "Không có",
"Unspecified": "Không xác định",
"Not set": "Not set",
@@ -1349,6 +1350,8 @@
"Enabled": "Đã bật",
"Disable": "Tắt",
"Disabled": "Đã tắt",
"Configuration": "Configuration",
"Token": "Token",
"Copy": "Sao chép",
"Visible": "Hiển thị",
"Show": "Hiển thị",
@@ -2052,6 +2055,8 @@
"Show Hidden Transaction Templates": "Hiển thị mẫu giao dịch ẩn",
"Hide Hidden Transaction Templates": "Ẩn mẫu giao dịch ẩn",
"Template name cannot be blank": "Tên mẫu không được để trống",
"Generate MCP token": "Generate MCP token",
"Unable to generate token": "Unable to generate token",
"Are you sure you want to logout from this session?": "Bạn có chắc chắn muốn đăng xuất khỏi phiên này không?",
"Unable to logout from this session": "Không thể đăng xuất khỏi phiên này",
"Are you sure you want to logout all other sessions?": "Bạn có chắc chắn muốn đăng xuất khỏi tất cả các phiên khác không?",
src/locales/zh_Hans.json
+5
View File
@@ -1331,6 +1331,7 @@
"Update": "更新",
"Refresh": "刷新",
"Clear": "清除",
"Generate": "生成",
"None": "无",
"Unspecified": "未指定",
"Not set": "未设置",
@@ -1349,6 +1350,8 @@
"Enabled": "启用",
"Disable": "禁用",
"Disabled": "禁用",
"Configuration": "配置",
"Token": "令牌",
"Copy": "复制",
"Visible": "可见",
"Show": "显示",
@@ -2052,6 +2055,8 @@
"Show Hidden Transaction Templates": "显示隐藏的模板",
"Hide Hidden Transaction Templates": "不显示隐藏的模板",
"Template name cannot be blank": "模板名不能为空",
"Generate MCP token": "生成 MCP 令牌",
"Unable to generate token": "无法生成令牌",
"Are you sure you want to logout from this session?": "您确定要退出该会话?",
"Unable to logout from this session": "无法退出该会话",
"Are you sure you want to logout all other sessions?": "您确定要退出其他所有会话?",
src/locales/zh_Hant.json
+5
View File
@@ -1331,6 +1331,7 @@
"Update": "更新",
"Refresh": "重新載入",
"Clear": "清除",
"Generate": "產生",
"None": "無",
"Unspecified": "未指定",
"Not set": "未設置",
@@ -1349,6 +1350,8 @@
"Enabled": "啟用",
"Disable": "停用",
"Disabled": "停用",
"Configuration": "設定",
"Token": "令牌",
"Copy": "複製",
"Visible": "可見",
"Show": "顯示",
@@ -2052,6 +2055,8 @@
"Show Hidden Transaction Templates": "顯示隱藏的範本",
"Hide Hidden Transaction Templates": "不顯示隱藏的範本",
"Template name cannot be blank": "範本名稱不能為空",
"Generate MCP token": "產生 MCP 令牌",
"Unable to generate token": "無法產生令牌",
"Are you sure you want to logout from this session?": "您確定要登出此會話?",
"Unable to logout from this session": "無法登出此會話",
"Are you sure you want to logout all other sessions?": "您確定要登出其他所有會話?",
src/models/token.ts
+11
View File
@@ -2,8 +2,19 @@ import type { ApplicationCloudSetting } from '@/core/setting.ts';
import type { UserBasicInfo } from './user.ts';
export const TOKEN_TYPE_MCP: number = 5;
export const TOKEN_CLI_USER_AGENT: string = 'ezbookkeeping Cli';
export interface TokenGenerateMCPRequest {
readonly password: string;
}
export interface TokenGenerateMCPResponse {
readonly token: string;
readonly mcpUrl: string;
}
export interface TokenRefreshResponse {
readonly newToken?: string;
readonly oldTokenId?: string;
src/stores/token.ts
+27 -1
View File
@@ -3,7 +3,7 @@ import { defineStore } from 'pinia';
import { useSettingsStore } from './setting.ts';
import { useUserStore } from './user.ts';
import type { TokenRefreshResponse, TokenInfoResponse } from '@/models/token.ts';
import type { TokenGenerateMCPResponse, TokenRefreshResponse, TokenInfoResponse } from '@/models/token.ts';
import { isObject } from '@/lib/common.ts';
import { updateCurrentToken } from '@/lib/userstate.ts';
@@ -69,6 +69,31 @@ export const useTokensStore = defineStore('tokens', () => {
});
}
function generateMCPToken({ password }: { password: string }): Promise<TokenGenerateMCPResponse> {
return new Promise((resolve, reject) => {
services.generateMCPToken({ password }).then(response => {
const data = response.data;
if (!data || !data.success || !data.result) {
reject({ message: 'Unable to generate token' });
return;
}
resolve(data.result);
}).catch(error => {
logger.error('failed to generate token', error);
if (error.response && error.response.data && error.response.data.errorMessage) {
reject({ error: error.response.data });
} else if (!error.processed) {
reject({ message: 'Unable to generate token' });
} else {
reject(error);
}
});
});
}
function revokeToken({ tokenId, ignoreError }: { tokenId: string, ignoreError?: boolean }): Promise<boolean> {
return new Promise((resolve, reject) => {
services.revokeToken({ tokenId, ignoreError }).then(response => {
@@ -123,6 +148,7 @@ export const useTokensStore = defineStore('tokens', () => {
// functions
getAllTokens,
refreshTokenAndRevokeOldToken,
generateMCPToken,
revokeToken,
revokeAllTokens
};
src/views/desktop/user/settings/dialogs/UserGenerateMCPTokenDialog.vue
+162
View File
@@ -0,0 +1,162 @@
<template>
<v-dialog width="800" :persistent="true" v-model="showState">
<v-card class="pa-2 pa-sm-4 pa-md-4">
<template #title>
<div class="d-flex align-center justify-center">
<h4 class="text-h4">{{ tt('Generate MCP token') }}</h4>
</div>
</template>
<v-card-text class="py-0 w-100 d-flex justify-center" v-if="generatedToken && serverUrl">
<v-switch class="export-data-display-switch" color="secondary"
:label="tt('Configuration')"
v-model="showConfiguration"
@click="showConfiguration = !showConfiguration">
<template #prepend>
<span>{{ tt('Token') }}</span>
</template>
</v-switch>
</v-card-text>
<v-card-text>
<v-row>
<v-col cols="12" md="12" v-if="!generatedToken">
<v-text-field
autocomplete="current-password"
type="password"
:disabled="generating"
:label="tt('Current Password')"
:placeholder="tt('Current Password')"
v-model="currentPassword"
@keyup.enter="generateToken"
/>
</v-col>
<v-col cols="12" md="12" v-if="generatedToken">
<v-textarea :readonly="true" :rows="4" :value="generatedToken" v-if="!showConfiguration || !serverUrl" />
<v-textarea :readonly="true" :rows="15" :value="mcpServerConfiguration" v-if="showConfiguration && serverUrl" />
</v-col>
</v-row>
</v-card-text>
<v-card-text class="overflow-y-visible">
<div ref="buttonContainer" class="w-100 d-flex justify-center gap-4">
<v-btn :disabled="generating || !currentPassword" @click="generateToken" v-if="!generatedToken">
{{ tt('Generate') }}
<v-progress-circular indeterminate size="22" class="ml-2" v-if="generating"></v-progress-circular>
</v-btn>
<v-btn color="secondary" variant="tonal" :disabled="generating"
@click="cancel" v-if="!generatedToken">{{ tt('Cancel') }}</v-btn>
<v-btn @click="copy" v-if="generatedToken">{{ tt('Copy') }}</v-btn>
<v-btn color="secondary" variant="tonal" @click="close" v-if="generatedToken">{{ tt('Close') }}</v-btn>
</div>
</v-card-text>
</v-card>
</v-dialog>
<snack-bar ref="snackbar" />
</template>
<script setup lang="ts">
import SnackBar from '@/components/desktop/SnackBar.vue';
import { ref, computed, useTemplateRef } from 'vue';
import { useI18n } from '@/locales/helpers.ts';
import { useTokensStore } from '@/stores/token.ts';
import { copyTextToClipboard } from '@/lib/ui/common.ts';
type SnackBarType = InstanceType<typeof SnackBar>;
const { tt } = useI18n();
const tokensStore = useTokensStore();
const buttonContainer = useTemplateRef<HTMLElement>('buttonContainer');
const snackbar = useTemplateRef<SnackBarType>('snackbar');
let resolveFunc: (() => void) | null = null;
let rejectFunc: ((reason?: unknown) => void) | null = null;
const showState = ref<boolean>(false);
const currentPassword = ref<string>('');
const generating = ref<boolean>(false);
const showConfiguration = ref<boolean>(false);
const serverUrl = ref<string>('');
const generatedToken = ref<string>('');
const mcpServerConfiguration = computed<string>(() => {
return '{\n' +
' "mcpServers": {\n' +
' "ezbookkeeping-mcp": {\n' +
' "type": "streamable-http",\n' +
' "url": "' + serverUrl.value + '",\n' +
' "headers": {\n' +
' "Authorization": "Bearer ' + generatedToken.value + '"\n' +
' }\n' +
' }\n' +
' }\n' +
'}'
});
function open(): Promise<void> {
showState.value = true;
currentPassword.value = '';
generating.value = false;
showConfiguration.value = false;
serverUrl.value = '';
generatedToken.value = '';
return new Promise((resolve, reject) => {
resolveFunc = resolve;
rejectFunc = reject;
});
}
function generateToken(): void {
if (generating.value || !currentPassword.value) {
return;
}
generating.value = true;
tokensStore.generateMCPToken({
password: currentPassword.value
}).then(result => {
generating.value = false;
currentPassword.value = '';
serverUrl.value = result.mcpUrl;
generatedToken.value = result.token;
}).catch(error => {
generating.value = false;
if (!error.processed) {
snackbar.value?.showError(error);
}
});
}
function copy(): void {
if (showConfiguration.value) {
copyTextToClipboard(mcpServerConfiguration.value, buttonContainer.value);
} else {
copyTextToClipboard(generatedToken.value, buttonContainer.value);
}
snackbar.value?.showMessage('Data copied');
}
function cancel(): void {
rejectFunc?.();
showState.value = false;
}
function close(): void {
resolveFunc?.();
showState.value = false;
}
defineExpose({
open
});
</script>
src/views/desktop/user/settings/tabs/UserSecuritySettingTab.vue
+16 -1
View File
@@ -68,6 +68,8 @@
<template #title>
<div class="d-flex align-center">
<span>{{ tt('Device & Sessions') }}</span>
<v-btn class="ml-3" density="compact" color="default" variant="outlined"
@click="generateMCPToken">{{ tt('Generate MCP token') }}</v-btn>
<v-btn density="compact" color="default" variant="text" size="24"
class="ml-2" :icon="true" :loading="loadingSession" @click="reloadSessions(false)">
<template #loader>
@@ -106,7 +108,7 @@
v-for="session in sessions">
<td class="text-sm">
<v-icon start :icon="session.icon"/>
{{ tt(session.isCurrent ? 'Current' : 'Other Device') }}
{{ session.deviceType === 'mcp' ? 'MCP' : (tt(session.isCurrent ? 'Current' : 'Other Device')) }}
</td>
<td class="text-sm">{{ session.deviceInfo }}</td>
<td class="text-sm">{{ session.lastSeenDateTime }}</td>
@@ -124,12 +126,14 @@
</v-col>
</v-row>
<user-generate-m-c-p-token-dialog ref="generateMCPTokenDialog" />
<confirm-dialog ref="confirmDialog"/>
<snack-bar ref="snackbar" />
</template>
<script setup lang="ts">
import { VTextField } from 'vuetify/components/VTextField';
import UserGenerateMCPTokenDialog from '@/views/desktop/user/settings/dialogs/UserGenerateMCPTokenDialog.vue';
import ConfirmDialog from '@/components/desktop/ConfirmDialog.vue';
import SnackBar from '@/components/desktop/SnackBar.vue';
@@ -152,6 +156,7 @@ import {
mdiTablet,
mdiWatch,
mdiTelevision,
mdiMagicStaff,
mdiConsole,
mdiDevices
} from '@mdi/js';
@@ -167,6 +172,7 @@ class DesktopPageSessionInfo extends SessionInfo {
}
}
type UserGenerateMCPTokenDialogType = InstanceType<typeof UserGenerateMCPTokenDialog>;
type ConfirmDialogType = InstanceType<typeof ConfirmDialog>;
type SnackBarType = InstanceType<typeof SnackBar>;
@@ -178,6 +184,7 @@ const tokensStore = useTokensStore();
const newPasswordInput = useTemplateRef<VTextField>('newPasswordInput');
const confirmPasswordInput = useTemplateRef<VTextField>('confirmPasswordInput');
const generateMCPTokenDialog = useTemplateRef<UserGenerateMCPTokenDialogType>('generateMCPTokenDialog');
const confirmDialog = useTemplateRef<ConfirmDialogType>('confirmDialog');
const snackbar = useTemplateRef<SnackBarType>('snackbar');
@@ -229,6 +236,8 @@ function getTokenIcon(deviceType: string): string {
return mdiTablet;
} else if (deviceType === 'tv') {
return mdiTelevision;
} else if (deviceType === 'mcp') {
return mdiMagicStaff;
} else if (deviceType === 'cli') {
return mdiConsole;
} else {
@@ -288,6 +297,12 @@ function updatePassword(): void {
});
}
function generateMCPToken(): void {
generateMCPTokenDialog.value?.open().then(() => {
reloadSessions(true);
});
}
function reloadSessions(silent?: boolean): void {
loadingSession.value = true;
src/views/mobile/users/SessionListPage.vue
+3 -1
View File
@@ -24,7 +24,7 @@
<f7-list strong inset dividers media-list class="margin-top" v-else-if="!loading">
<f7-list-item class="list-item-media-valign-middle" swipeout
:id="session.domId"
:title="tt(session.isCurrent ? 'Current' : 'Other Device')"
:title="session.deviceType === 'mcp' ? 'MCP' : (tt(session.isCurrent ? 'Current' : 'Other Device'))"
:text="session.deviceInfo"
:key="session.tokenId"
v-for="session in sessions">
@@ -107,6 +107,8 @@ function getTokenIcon(deviceType: string): string {
return 'device_tablet_portrait';
} else if (deviceType === 'tv') {
return 'tv';
} else if (deviceType === 'mcp') {
return 'wand_stars';
} else if (deviceType === 'cli') {
return 'chevron_left_slash_chevron_right';
} else {