Merge pull request #487 from leepeuker/add-user-api-token

Add api token for users
leepeuker · Sep 2, 2023 · 7689aae · 7689aae
2 parents 6798a99 + 352998f
commit 7689aae
Show file tree

Hide file tree

Showing 8 changed files with 255 additions and 304 deletions.
diff --git a/db/migrations/mysql/20230814190244_add_totp_secret_column.php b/db/migrations/mysql/20230814190244_add_totp_secret_column.php
diff --git a/db/migrations/sqlite/20230814190237_add_totp_secret_column.php b/db/migrations/sqlite/20230814190237_add_totp_secret_column.php
diff --git a/public/js/settings-account-general.js b/public/js/settings-account-general.js
@@ -53,3 +53,75 @@ function updateGeneral(dateFormat, username, privacyLevel, enableAutomaticWatchl
         })
     })
 }
+
+function deleteApiToken() {
+    if (confirm('Do you really want to delete the api token?') === false) {
+        return
+    }
+
+    removeAlert('alertApiTokenDiv')
+
+    deleteApiTokenRequest().then(() => {
+        setApiToken('')
+        addAlert('alertApiTokenDiv', 'Deleted api token', 'success')
+    }).catch((error) => {
+        console.log(error)
+        addAlert('alertApiTokenDiv', 'Could not delete api token', 'danger')
+    })
+}
+
+function regenerateApiToken() {
+    if (confirm('Do you really want to regenerate the api token?') === false) {
+        return
+    }
+
+    removeAlert('alertApiTokenDiv')
+
+    regenerateApiTokenRequest().then(response => {
+        setApiToken(response.token)
+        addAlert('alertApiTokenDiv', 'Generated new api token', 'success')
+    }).catch((error) => {
+        console.log(error)
+        addAlert('alertApiTokenDiv', 'Could not generate api token', 'danger')
+    })
+}
+
+async function deleteApiTokenRequest() {
+    const response = await fetch('/settings/account/general/api-token', {'method': 'delete'})
+
+    if (!response.ok) {
+        throw new Error(`HTTP error! status: ${response.status}`)
+    }
+}
+
+async function regenerateApiTokenRequest() {
+    const response = await fetch('/settings/account/general/api-token', {'method': 'put'})
+
+    if (!response.ok) {
+        throw new Error(`HTTP error! status: ${response.status}`)
+    }
+
+    return await response.json()
+}
+
+function setApiToken(apiToken) {
+    document.getElementById('apiToken').value = apiToken
+
+    document.getElementById('deleteApiTokenButton').disabled = apiToken === null || apiToken.length === 0
+}
+
+fetch(
+    '/settings/account/general/api-token'
+).then(async function (response) {
+    if (response.status === 200) {
+        const responseData = await response.json();
+
+        setApiToken(responseData.token)
+        return
+    }
+
+    addAlert('alertApiTokenDiv', 'Could not load api token', 'danger')
+}).catch(function (error) {
+    console.log(error)
+    addAlert('alertApiTokenDiv', 'Could not load api token', 'danger')
+})
diff --git a/settings/routes.php b/settings/routes.php
@@ -118,6 +118,21 @@
         '/settings/account/general',
         [\Movary\HttpController\Web\SettingsController::class, 'renderGeneralAccountPage'],
     );
+    $routeCollector->addRoute(
+        'GET',
+        '/settings/account/general/api-token',
+        [\Movary\HttpController\Web\SettingsController::class, 'getApiToken'],
+    );
+    $routeCollector->addRoute(
+        'DELETE',
+        '/settings/account/general/api-token',
+        [\Movary\HttpController\Web\SettingsController::class, 'deleteApiToken'],
+    );
+    $routeCollector->addRoute(
+        'PUT',
+        '/settings/account/general/api-token',
+        [\Movary\HttpController\Web\SettingsController::class, 'regenerateApiToken'],
+    );
     $routeCollector->addRoute(
         'GET',
         '/settings/account/dashboard',