lucas.mathieu/cachet-docker
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

User-based API key. Closes #256.

Browse Source
This commit is contained in:
James Brooks
2015-01-03 17:51:35 +00:00
parent 1d30133851
commit 3d4c38c7ee
9 changed files with 187 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/Auth/ApiKeyAuthenticator.php
+48
View File
@@ -0,0 +1,48 @@
<?php
namespace CachetHQ\Cachet\Auth;
use CachetHQ\Cachet\Models\User;
use Dingo\Api\Auth\AuthorizationProvider;
use Dingo\Api\Routing\Route;
use Illuminate\Database\Eloquent\ModelNotFoundException;
use Illuminate\Http\Request;
use Symfony\Component\HttpKernel\Exception\UnauthorizedHttpException;
class ApiKeyAuthenticator extends AuthorizationProvider
{
/**
* Authenticate the request and return the authenticated user instance.
*
* @param \Illuminate\Http\Request $request
* @param \Dingo\Api\Routing\Route $route
*
* @throws \Symfony\Component\HttpKernel\Exception\UnauthorizedHttpException
*
* @return \CachetHQ\Cachet\Models\User
*/
public function authenticate(Request $request, Route $route)
{
$api_key = $request->input('api_key', false);
if ($api_key === false) {
throw new UnauthorizedHttpException(null, 'You did not provide an API key.');
}
try {
return User::findByApiKey($api_key);
} catch (ModelNotFoundException $e) {
throw new UnauthorizedHttpException(null, 'The API key you provided was not correct.');
}
}
/**
* Get the providers authorization method.
*
* @return string
*/
public function getAuthorizationMethod()
{
return 'api_key';
}
}
src/Http/Controllers/DashUserController.php
+14
View File
@@ -2,6 +2,7 @@
namespace CachetHQ\Cachet\Http\Controllers;
use CachetHQ\Cachet\Models\User;
use GrahamCampbell\Binput\Facades\Binput;
use Illuminate\Routing\Controller;
use Illuminate\Support\Facades\Auth;
@@ -35,4 +36,17 @@ class DashUserController extends Controller
return Redirect::back()->with('updated', $updated);
}
/**
* Regenerates the users API key.
*
* @return \Illuminate\View\View
*/
public function regenerateApiKey(User $user)
{
$user->api_key = User::generateApiKey();
$user->save();
return Redirect::back();
}
}
src/Models/User.php
+46
View File
@@ -7,6 +7,7 @@ use Illuminate\Auth\Reminders\RemindableTrait;
use Illuminate\Auth\UserInterface;
use Illuminate\Auth\UserTrait;
use Illuminate\Database\Eloquent\Model;
use Illuminate\Database\Eloquent\ModelNotFoundException;
use Illuminate\Support\Facades\Hash;
/**
@@ -47,6 +48,20 @@ class User extends Model implements UserInterface, RemindableInterface
*/
protected $guarded = [];
/**
* Overrides the models boot method.
*
* @return void
*/
public static function boot()
{
parent::boot();
self::creating(function ($user) {
$user->api_key = self::generateApiKey();
});
}
/**
* Hash any password being inserted by default.
*
@@ -72,4 +87,35 @@ class User extends Model implements UserInterface, RemindableInterface
{
return sprintf('https://www.gravatar.com/avatar/%s?size=%d', md5($this->email), $size);
}
/**
* Find by api_key, or throw an exception.
*
* @param string $api_key
* @param string[] $columns
*
* @throws \Illuminate\Database\Eloquent\ModelNotFoundException
*
* @return \CachetHQ\Cachet\Models\User
*/
public static function findByApiKey($api_key, $columns = ['*'])
{
$user = static::where('api_key', $api_key)->first($columns);
if (!$user) {
throw new ModelNotFoundException();
}
return $user;
}
/**
* Returns an API key.
*
* @return string
*/
public static function generateApiKey()
{
return str_random(20);
}
}
src/Providers/AuthServiceProvider.php
+31
View File
@@ -0,0 +1,31 @@
<?php
namespace CachetHQ\Cachet\Providers;
use CachetHQ\Cachet\Auth\ApiKeyAuthenticator;
use Illuminate\Support\ServiceProvider;
class AuthServiceProvider extends ServiceProvider
{
/**
* Boot the service provider.
*
* @return void
*/
public function boot()
{
//
}
/**
* Register the service provider.
*
* @return void
*/
public function register()
{
$this->app->bindShared('CachetHQ\Cachet\Auth\ApiKeyAuthenticator', function () {
return new ApiKeyAuthenticator();
});
}
}