diff --git a/app/config/packages/dingo/api/config.php b/app/config/packages/dingo/api/config.php
index 8e980234..c67db75c 100644
--- a/app/config/packages/dingo/api/config.php
+++ b/app/config/packages/dingo/api/config.php
@@ -81,8 +81,8 @@ return [
 return new Dingo\Api\Auth\BasicProvider($app['auth']);
 },
- 'api_key' => function ($app) {
- return new CachetHQ\Cachet\Http\Auth\ApiKeyAuthenticator();
+ 'api_token' => function ($app) {
+ return new CachetHQ\Cachet\Http\Auth\ApiTokenAuthenticator();
 },
 ],
diff --git a/app/lang/en/forms.php b/app/lang/en/forms.php
index 1b7d53af..ee848419 100644
--- a/app/lang/en/forms.php
+++ b/app/lang/en/forms.php
@@ -77,12 +77,12 @@ return [
 ],
 'user' => [
- 'username' => 'Username',
- 'email' => 'Email',
- 'password' => 'Password',
- 'api-key' => 'API Key',
- 'api-key-help' => 'Regenerating your API key will revoke all existing applications.',
- '2fa' => [
+ 'username' => 'Username',
+ 'email' => 'Email',
+ 'password' => 'Password',
+ 'api-token' => 'API Token',
+ 'api-token-help' => 'Regenerating your API token will revoke all existing applications.',
+ '2fa' => [
 'help' => 'Enabling two factor authentication increases security of your account. You will need to download Google Authenticator or a similar app on to your mobile device. When you login you will be asked to provide a token generated by the app.',
 ],
 ],
diff --git a/app/lang/fr/forms.php b/app/lang/fr/forms.php
index 5bce6ae4..03c45128 100644
--- a/app/lang/fr/forms.php
+++ b/app/lang/fr/forms.php
@@ -77,12 +77,12 @@ return [
 ],
 'user' => [
- 'username' => 'Identifiant',
- 'email' => 'Adresse email',
- 'password' => 'Mot de passe',
- 'api-key' => 'Clé API',
- 'api-key-help' => 'Regénérer votre clé API révoquera toutes les applications existantes.',
- '2fa' => [
+ 'username' => 'Identifiant',
+ 'email' => 'Adresse email',
+ 'password' => 'Mot de passe',
+ 'api-token' => 'Jeton API',
+ 'api-token-help' => 'Regénérer votre jeton API révoquera toutes les applications existantes.',
+ '2fa' => [
 'help' => 'Enabling two factor authentication increases security of your account. You will need to download Google Authenticator or a similar app on to your mobile device. When you login you will be asked to provide a token generated by the app.',
 ],
 ],
diff --git a/app/lang/pt-BR/forms.php b/app/lang/pt-BR/forms.php
index 8eefb1e5..a46b6e95 100755
--- a/app/lang/pt-BR/forms.php
+++ b/app/lang/pt-BR/forms.php
@@ -76,12 +76,12 @@ return [
 ],
 'user' => [
- 'username' => 'Usuário',
- 'email' => 'Email',
- 'password' => 'Senha',
- 'api-key' => 'Chave da API',
- 'api-key-help' => 'Regenerar sua chave de API irá revogar todos os aplicativos existentes.',
- '2fa' => [
+ 'username' => 'Usuário',
+ 'email' => 'Email',
+ 'password' => 'Senha',
+ 'api-token' => 'API Token',
+ 'api-token-help' => 'Regenerating your API token will revoke all existing applications.',
+ '2fa' => [
 'help' => 'Enabling two factor authentication increases security of your account. You will need to download Google Authenticator or a similar app on to your mobile device. When you login you will be asked to provide a token generated by the app.',
 ],
 ],
diff --git a/app/views/dashboard/user/index.blade.php b/app/views/dashboard/user/index.blade.php
index 981edb32..d18f4905 100644
--- a/app/views/dashboard/user/index.blade.php
+++ b/app/views/dashboard/user/index.blade.php
@@ -29,9 +29,9 @@
- + - {{ trans('forms.user.api-key-help') }} + {{ trans('forms.user.api-token-help') }}

diff --git a/src/Http/Auth/ApiKeyAuthenticator.php b/src/Http/Auth/ApiTokenAuthenticator.php
similarity index 64%
rename from src/Http/Auth/ApiKeyAuthenticator.php
rename to src/Http/Auth/ApiTokenAuthenticator.php
index 78829fa2..eed3d456 100644
--- a/src/Http/Auth/ApiKeyAuthenticator.php
+++ b/src/Http/Auth/ApiTokenAuthenticator.php
@@ -9,7 +9,7 @@ use Illuminate\Database\Eloquent\ModelNotFoundException;
 use Illuminate\Http\Request;
 use Symfony\Component\HttpKernel\Exception\UnauthorizedHttpException;
-class ApiKeyAuthenticator extends AuthorizationProvider
+class ApiTokenAuthenticator extends AuthorizationProvider
 {
 /**
 * Authenticate the request and return the authenticated user instance.
@@ -23,17 +23,15 @@ class ApiKeyAuthenticator extends AuthorizationProvider
 */
 public function authenticate(Request $request, Route $route)
 {
- $api_key = $request->input('api_key', false);
-
- if ($api_key === false) {
- throw new UnauthorizedHttpException(null, 'You did not provide an API key.');
+ if ($apiToken = $request->header('X-Cachet-Token')) {
+ try {
+ return User::findByApiToken($apiToken);
+ } catch (ModelNotFoundException $e) {
+ throw new UnauthorizedHttpException(null, 'The API key you provided was not correct.');
+ }
 }
- try {
- return User::findByApiKey($api_key);
- } catch (ModelNotFoundException $e) {
- throw new UnauthorizedHttpException(null, 'You need to be authenticated to perform this action.');
- }
+ throw new UnauthorizedHttpException(null, 'You are not authorized to view this content.');
 }
 /**
@@ -43,6 +41,6 @@ class ApiKeyAuthenticator extends AuthorizationProvider
 */
 public function getAuthorizationMethod()
 {
- return 'api_key';
+ return 'api_token';
 }
 }
diff --git a/src/Models/User.php b/src/Models/User.php
index 0cfbaca0..863fec66 100644
--- a/src/Models/User.php
+++ b/src/Models/User.php
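Review bot: In `ApiTokenAuthenticator::authenticate`, the rejection message in the new `catch` branch still reads 'The API key you provided was not correct.' although the rest of this commit renames the credential to a token; I would change it to `throw new UnauthorizedHttpException(null, 'The API token you provided was not correct.');`. The method's docblock, which starts above this hunk, should also state that the token is now read from the `X-Cachet-Token` request header rather than the `api_key` input, because clients that still send `api_key` fall through to the generic 401. The truthiness test in `if ($apiToken = $request->header('X-Cachet-Token'))` treats an empty header value the same as a missing one, which is the safe outcome but deserves a one-line comment such as `// an empty or absent header falls through to the 401 below`.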
@@ -96,16 +96,16 @@ class User extends Model implements UserInterface, RemindableInterface
 /**
 * Find by api_key, or throw an exception.
 *
- * @param string $api_key
+ * @param string $token
 * @param string[] $columns
 *
 * @throws \Illuminate\Database\Eloquent\ModelNotFoundException
 *
 * @return \CachetHQ\Cachet\Models\User
 */
- public static function findByApiKey($api_key, $columns = ['*'])
+ public static function findByApiToken($token, $columns = ['*'])
 {
- $user = static::where('api_key', $api_key)->first($columns);
+ $user = static::where('api_key', $token)->first($columns);
 if (!$user) {
 throw new ModelNotFoundException();
diff --git a/src/Providers/AuthServiceProvider.php b/src/Providers/AuthServiceProvider.php
index 74c9ce4a..c83ac6fc 100644
--- a/src/Providers/AuthServiceProvider.php
+++ b/src/Providers/AuthServiceProvider.php
@@ -2,7 +2,7 @@ namespace CachetHQ\Cachet\Providers;
-use CachetHQ\Cachet\Http\Auth\ApiKeyAuthenticator;
+use CachetHQ\Cachet\Http\Auth\ApiTokenAuthenticator;
 use Illuminate\Support\ServiceProvider;
 class AuthServiceProvider extends ServiceProvider
@@ -24,8 +24,8 @@ class AuthServiceProvider extends ServiceProvider
 */
 public function register()
 {
- $this->app->bindShared('CachetHQ\Cachet\Http\Auth\ApiKeyAuthenticator', function () {
- return new ApiKeyAuthenticator();
+ $this->app->bindShared('CachetHQ\Cachet\Http\Auth\ApiTokenAuthenticator', function () {
+ return new ApiTokenAuthenticator();
 });
 }
 }
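Review bot: `User::findByApiToken` in `src/Models/User.php` passes `$token` straight into `static::where('api_key', $token)` without checking that it is a non-empty string. As far as I know, Eloquent turns a two-argument `where` with a `null` value into an `IS NULL` test, so a caller passing `null` or `''` could be handed the first account that has no token set; the authenticator in this commit guards with a truthiness check, but this is a public static helper that other callers can reach. I would add `if (!is_string($token) || $token === '') { throw new ModelNotFoundException(); }` before the query. The docblock summary 'Find by api_key' could also say that the token is matched against the `api_key` column, which this commit leaves un-renamed. The function body continues past the end of the hunk.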