remove /api/vault endpoints

2026-05-11 18:36:44 +03:00
parent 64696b334c
commit 8d91dbeb14
10 changed files with 12 additions and 211 deletions
--- a/apps/api/src/controllers/vault.controller.ts
+++ b/apps/api/src/controllers/vault.controller.ts
@@ -1,70 +0,0 @@
-import { Request, Response } from 'express';
-import { UserModel } from '../models/user.model';
-import { logger } from '../lib/logger';
-
-const MAX_VAULT_SIZE = 8192; // base64 encrypted blob upper limit
-const MAX_SALT_LEN = 128;
-
-/**
- * Encrypted vault — opaque blob (зашифрованный mnemonic, AES-GCM на клиенте).
- * Сервис хранит как есть; никогда не расшифровывает. Ключ только у клиента
- * (PBKDF2(password+pin) или аналог).
- */
-export const VaultController = {
-  /**
-   * GET /api/vault — вернуть encrypted_vault + vault_salt пользователя.
-   */
-  async getVault(req: Request, res: Response) {
-    const userId = req.auth!.userId;
-    try {
-      const row = await UserModel.getVault(userId);
-      if (!row || !row.encrypted_vault || !row.vault_salt) {
-        res.status(404).json({ success: false, error: 'Vault not found' });
-        return;
-      }
-      res.json({
-        success: true,
-        data: {
-          encryptedVault: row.encrypted_vault,
-          vaultSalt: row.vault_salt,
-        },
-      });
-    } catch (err: any) {
-      logger.error(`getVault failed for user ${userId}: ${err.stack || err.message}`);
-      res.status(500).json({ success: false, error: 'Internal error' });
-    }
-  },
-
-  /**
-   * PUT /api/vault — сохранить новый encrypted_vault + vault_salt.
-   * Создаёт user-row если её ещё нет.
-   */
-  async putVault(req: Request, res: Response) {
-    const userId = req.auth!.userId;
-    const { encryptedVault, vaultSalt } = req.body ?? {};
-
-    if (typeof encryptedVault !== 'string' || encryptedVault.length === 0 || encryptedVault.length > MAX_VAULT_SIZE) {
-      res.status(400).json({
-        success: false,
-        error: `encryptedVault must be a non-empty string (max ${MAX_VAULT_SIZE} chars)`,
-      });
-      return;
-    }
-    if (typeof vaultSalt !== 'string' || vaultSalt.length === 0 || vaultSalt.length > MAX_SALT_LEN) {
-      res.status(400).json({
-        success: false,
-        error: `vaultSalt must be a non-empty string (max ${MAX_SALT_LEN} chars)`,
-      });
-      return;
-    }
-
-    try {
-      await UserModel.ensureExists(userId);
-      await UserModel.setVault(userId, encryptedVault, vaultSalt);
-      res.json({ success: true });
-    } catch (err: any) {
-      logger.error(`putVault failed for user ${userId}: ${err.stack || err.message}`);
-      res.status(500).json({ success: false, error: 'Internal error' });
-    }
-  },
-};