(Update) API Token Managment 🚀

HDVinnie
2019-12-16 21:05:10 -05:00
parent c55d47cabb
commit b57ed65d93
6 changed files with 82 additions and 31 deletions
+22
@@ -31,6 +31,7 @@ use App\Models\UserNotification;
use App\Models\UserPrivacy;
use App\Models\Warning;
use Illuminate\Http\Request;
use Illuminate\Support\Str;
use Illuminate\Support\Facades\DB;
use Illuminate\Support\Facades\Hash;
use Image;
@@ -1160,6 +1161,27 @@ class UserController extends Controller
->withSuccess('Your RID Was Changed Successfully!');
}
/**
* Change User API Token.
*
* @param \Illuminate\Http\Request $request
* @param $username
*
* @return Illuminate\Http\RedirectResponse
*/
public function changeApiToken(Request $request, $username)
{
$user = User::where('username', '=', $username)->firstOrFail();
abort_unless($request->user()->id == $user->id, 403);
$user->api_token = Str::random(100);
$user->save();
return redirect()->route('user_security', ['username' => $user->username, 'hash' => '#api'])
->withSuccess('Your API Token Was Changed Successfully!');
}
/**
* User Privacy Settings.
*
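Review bot: `changeApiToken` stores the new token as-is (`$user->api_token = Str::random(100);`), and the settings view changed in this same commit prints the stored value, so a database dump or backup exposes working API credentials for every account. If the API authenticates through Laravel's token guard (not visible here), consider persisting only `hash('sha256', $token)` with the guard's `'hash' => true` option and flashing the plain token once after rotation. The ownership check on the line above uses loose `==`; `abort_unless($request->user()->is($user), 403);` expresses the same rule without type juggling.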
+1 -1
@@ -116,7 +116,7 @@ return [
|--------------------------------------------------------------------------
*/
'TwoStepEnabled' => false,
'TwoStepEnabled' => true,
/*
|--------------------------------------------------------------------------
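Review bot: The `'TwoStepEnabled'` default is changed in this section, but the commit message only mentions API token management, so a security-relevant login setting changes without a record of why. The rendered page has dropped the +/- markers; assuming `true` is the new value, every deployment that takes this config file starts enforcing the two-step flow on its next deploy. That deserves a line in the commit description, or a separate commit, so operators can find the change later.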
+34 -28
@@ -10,8 +10,10 @@
* @license https://www.gnu.org/licenses/agpl-3.0.en.html/ GNU Affero General Public License v3.0
* @author HDVinnie
*/
use App\Models\User;
use Illuminate\Database\Seeder;
use Illuminate\Support\Str;
class UsersTableSeeder extends Seeder
{
@@ -24,43 +26,47 @@ class UsersTableSeeder extends Seeder
{
$users = [
[
'username' => 'System',
'email' => 'system@none.com',
'group_id' => 9,
'password' => \Hash::make(env('DEFAULT_OWNER_PASSWORD')),
'passkey' => md5(uniqid().time().microtime()),
'rsskey' => md5(uniqid().time()),
'active' => 1,
'username' => 'System',
'email' => 'system@none.com',
'group_id' => 9,
'password' => \Hash::make(env('DEFAULT_OWNER_PASSWORD')),
'passkey' => md5(uniqid().time().microtime()),
'rsskey' => md5(uniqid().time()),
'api_token' => Str::random(100),
'active' => 1,
],
[
'username' => 'Bot',
'email' => 'bot@none.com',
'group_id' => 9,
'password' => \Hash::make(env('DEFAULT_OWNER_PASSWORD')),
'passkey' => md5(uniqid().time().microtime()),
'rsskey' => md5(uniqid().time()),
'active' => 1,
'username' => 'Bot',
'email' => 'bot@none.com',
'group_id' => 9,
'password' => \Hash::make(env('DEFAULT_OWNER_PASSWORD')),
'passkey' => md5(uniqid().time().microtime()),
'rsskey' => md5(uniqid().time()),
'api_token' => Str::random(100),
'active' => 1,
],
[
'username' => env('DEFAULT_OWNER_NAME', 'UNIT3D'),
'email' => env('DEFAULT_OWNER_EMAIL', 'none@none.com'),
'group_id' => 10,
'password' => \Hash::make(env('DEFAULT_OWNER_PASSWORD', 'UNIT3D')),
'passkey' => md5(uniqid().time().microtime()),
'rsskey' => md5(uniqid().time()),
'active' => 1,
'username' => env('DEFAULT_OWNER_NAME', 'UNIT3D'),
'email' => env('DEFAULT_OWNER_EMAIL', 'none@none.com'),
'group_id' => 10,
'password' => \Hash::make(env('DEFAULT_OWNER_PASSWORD', 'UNIT3D')),
'passkey' => md5(uniqid().time().microtime()),
'rsskey' => md5(uniqid().time()),
'api_token' => Str::random(100),
'active' => 1,
],
];
foreach ($users as $user) {
User::create([
'username' => $user['username'],
'email' => $user['email'],
'group_id' => $user['group_id'],
'password' => $user['password'],
'passkey' => $user['passkey'],
'rsskey' => $user['rsskey'],
'active' => $user['active'],
'username' => $user['username'],
'email' => $user['email'],
'group_id' => $user['group_id'],
'password' => $user['password'],
'passkey' => $user['passkey'],
'rsskey' => $user['rsskey'],
'api_token' => $user['api_token'],
'active' => $user['active'],
]);
}
}
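Review bot: The new `api_token` values come from `Str::random(100)`, but the `passkey` and `rsskey` entries beside them are still built from `md5(uniqid().time().microtime())` and `md5(uniqid().time())`, which are derived from the clock rather than a CSPRNG. `bin2hex(random_bytes(16))` keeps the 32-hex-character shape with a cryptographically secure source. The seeded `System` and `Bot` rows also receive usable API tokens here; if those accounts are never meant to call the API, leaving `api_token` null narrows what a leaked seed database gives away. The enclosing method starts above the hunk.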
+2
@@ -264,6 +264,8 @@ return [
These settings are overridden if you do not allow any groups to send notifications concerning request activities or if you <strong>Disable Notifications</strong>',
'request-privacy' => 'Request Settings',
'request-privacy-requested' => 'Allow users to view a list of requests that you have made',
'reset-api_token' => 'Reset API Token',
'reset-passkey-help' => 'You will have to update any scripts or applications you are using with your new token, after resetting the API Toekn',
'reset-passkey' => 'Reset Pass Key (PID)',
'reset-passkey-help' => 'You will have to re-download/re-upload all of your active torrents, after resetting the PID',
'reset-rss' => 'Reset RSS Key (RID)',
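Review bot: The two added keys do not match what the settings view in this commit looks up: the view calls `@lang('user.reset-api-token')` and `@lang('user.reset-api-help')`, while this file defines `'reset-api_token'` and a second `'reset-passkey-help'`. Because PHP keeps the last duplicate array key, the new help text is overwritten by the existing PID string two lines below, and the view will print the raw key names. Rename the keys to `'reset-api-token'` and `'reset-api-help'`, and fix the typo `Toekn` to `Token` in the help string.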
+22 -2
@@ -34,6 +34,7 @@
<li><a href="#email" data-toggle="tab">Email</a></li>
<li><a href="#pid" data-toggle="tab">Pass Key (PID)</a></li>
<li><a href="#rid" data-toggle="tab">RSS Key (RID)</a></li>
<li><a href="#api" data-toggle="tab">API Token</a></li>
@if (config('auth.TwoStepEnabled') == true)
<li><a href="#twostep" data-toggle="tab">Two Step Auth</a></li>
@endif
@@ -125,7 +126,7 @@
<div class="form-group">
<label for="current_rid">Current RID</label>
<p class="form-control-static text-monospace current_pid">{{ $user->rsskey }}</p>
<p class="form-control-static text-monospace current_rid">{{ $user->rsskey }}</p>
</div>
</div>
<div class="well text-center">
@@ -133,7 +134,26 @@
</div>
</form>
</div>
<div role="tabpanel" class="tab-pane" id="api">
<form role="form" method="POST" action="{{ route('change_api_token', ['username' => $user->username]) }}">
@csrf
<div class="well">
<h3>@lang('user.reset-api-token').</h3>
<div class="help-block">@lang('user.reset-api-help').</div>
</h3>
<hr>
<div class="form-group">
<label for="current_rid">Current API Token</label>
<p class="form-control-static text-monospace current_api">{{ $user->api_token ?? 'You currently do not have a API Token.' }}</p>
</div>
</div>
<div class="well text-center">
<button type="submit" class="btn btn-primary">Reset API Token</button>
</div>
</form>
</div>
@if (config('auth.TwoStepEnabled') == true)
<div role="tabpanel" class="tab-pane" id="twostep">
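Review bot: The new `#api` panel has a stray closing `</h3>` after the `help-block` div (the heading is already closed on its own line), and its label still carries `for="current_rid"` copied from the RID panel, although no element with that id exists in this panel. Drop the extra `</h3>` and remove or correct the `for` attribute. The stored token is also rendered in full on every visit to this tab; masking it behind a reveal control would limit exposure on shared screens and in screenshots.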
+1
@@ -321,6 +321,7 @@ Route::group(['middleware' => 'language'], function () {
Route::post('/{username}/settings/change_email', 'UserController@changeEmail')->name('change_email');
Route::post('/{username}/settings/change_pid', 'UserController@changePID')->name('change_pid');
Route::post('/{username}/settings/change_rid', 'UserController@changeRID')->name('change_rid');
Route::post('/{username}/settings/change_api_token', 'UserController@changeApiToken')->name('change_api_token');
Route::get('/{username}/settings/notification/disable', 'UserController@disableNotifications')->name('notification_disable');
Route::get('/{username}/settings/notification/enable', 'UserController@enableNotifications')->name('notification_enable');
Route::post('/{username}/settings/notification/account', 'UserController@changeAccountNotification')->name('notification_account');