User-based API key. Closes #256.

This commit is contained in:
James Brooks
2015-01-03 17:51:35 +00:00
parent 1d30133851
commit 3d4c38c7ee
9 changed files with 187 additions and 1 deletions
+2 -1
View File
@@ -128,9 +128,10 @@ return [
'Roumen\Feed\FeedServiceProvider',
'Thujohn\Rss\RssServiceProvider',
'CachetHQ\Cachet\Providers\AuthServiceProvider',
'CachetHQ\Cachet\Providers\ConsoleServiceProvider',
'CachetHQ\Cachet\Providers\RepositoryServiceProvider',
'CachetHQ\Cachet\Providers\RoutingServiceProvider',
'CachetHQ\Cachet\Providers\ConsoleServiceProvider',
],
+6
View File
@@ -76,9 +76,15 @@ return [
*/
'auth' => [
'basic' => function ($app) {
return new Dingo\Api\Auth\BasicProvider($app['auth']);
},
'api_key' => function ($app) {
return new CachetHQ\Cachet\Auth\ApiKeyAuthenticator();
},
],
/*
@@ -0,0 +1,32 @@
<?php
use Illuminate\Database\Migrations\Migration;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Support\Facades\Schema;
class AlterTableUsersAddApiKey extends Migration
{
/**
* Run the migrations.
*
* @return void
*/
public function up()
{
Schema::table('users', function (Blueprint $table) {
$table->string('api_key')->after('email');
});
}
/**
* Reverse the migrations.
*
* @return void
*/
public function down()
{
Schema::table('users', function (Blueprint $table) {
$table->dropColumn();
});
}
}
+1
View File
@@ -37,6 +37,7 @@ Route::group(['before' => 'auth', 'prefix' => 'dashboard', 'namespace' => 'Cache
// User Settings
Route::get('user', ['as' => 'dashboard.user', 'uses' => 'DashUserController@showUser']);
Route::get('/user/{user}/api/regen', 'DashUserController@regenerateApiKey');
Route::post('user', 'DashUserController@postUser');
// Internal API.
+7
View File
@@ -33,9 +33,16 @@
<label>Password</label>
<input type='password' class='form-control' name='password' value='' />
</div>
<hr />
<div class='form-group'>
<label>API Key</label>
<input type='text' class='form-control' name='api_key' disabled value='{{ Auth::user()->api_key }}' />
<span class='help-block'>Regenerating your API key will revoke all existing applications.</span>
</div>
</fieldset>
<button type="submit" class="btn btn-success">Update profile</button>
<a href='/dashboard/user/{{ Auth::user()->id }}/api/regen' class='btn btn-warning'>Regenerate API Key</a>
</form>
</div>
</div>