From 1158fa9ea8f257b85b02461f354e7720860f6c3c Mon Sep 17 00:00:00 2001
From: snipe
Date: Tue, 28 Jun 2022 21:29:15 -0700
Subject: [PATCH] Added personal access tokens to api
Signed-off-by: snipe
---
 .../Controllers/Api/ProfileController.php | 95 ++++++++++++++++++-
 routes/api.php | 21 ++++
 2 files changed, 115 insertions(+), 1 deletion(-)
diff --git a/app/Http/Controllers/Api/ProfileController.php b/app/Http/Controllers/Api/ProfileController.php
index 8a06a268dd..4794fc86a8 100644
--- a/app/Http/Controllers/Api/ProfileController.php
+++ b/app/Http/Controllers/Api/ProfileController.php
@@ -5,10 +5,35 @@ namespace App\Http\Controllers\Api;
 use App\Helpers\Helper;
 use App\Http\Controllers\Controller;
 use App\Models\CheckoutRequest;
-use Auth;
+use Illuminate\Http\Response;
+use Illuminate\Support\Facades\Auth;
+use Illuminate\Http\Request;
+use Laravel\Passport\TokenRepository;
+use Illuminate\Contracts\Validation\Factory as ValidationFactory;
 class ProfileController extends Controller
 {
+
+ /**
+ * The token repository implementation.
+ *
+ * @var \Laravel\Passport\TokenRepository
+ */
+ protected $tokenRepository;
+
+ /**
+ * Create a controller instance.
+ *
+ * @param \Laravel\Passport\TokenRepository $tokenRepository
+ * @param \Illuminate\Contracts\Validation\Factory $validation
+ * @return void
+ */
+ public function __construct(TokenRepository $tokenRepository, ValidationFactory $validation)
+ {
+ $this->validation = $validation;
+ $this->tokenRepository = $tokenRepository;
+ }
+
 /**
 * Display a listing of requested assets.
 *
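Review bot: The constructor assigns `$this->validation`, but the hunk declares only `$tokenRepository`, so `validation` becomes a dynamic property (deprecated as of PHP 8.2), and none of the methods this patch adds reads it. Either declare it beside the other property, `protected $validation;` with a `@var \Illuminate\Contracts\Validation\Factory` docblock, and use it to validate the token name in createApiToken, or drop the parameter so the controller does not suggest validation it never performs. The class body continues outside this hunk.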
@@ -42,4 +67,72 @@ class ProfileController extends Controller
 return $results;
 }
+
+
+ /**
+ * Delete an API token
+ *
+ * @author [A. Gianotto] []
+ * @since [v6.0.5]
+ *
+ * @return \Illuminate\Http\Response
+ */
+ public function createApiToken(Request $request) {
+
+ $accessTokenName = $request->input('name', 'Auth Token');
+
+ if ($accessToken = Auth::user()->createToken($accessTokenName)->accessToken) {
+ return response()->json(Helper::formatStandardApiResponse('success', $accessToken, 'Personal access token '.$accessTokenName.' created successfully'));
+ }
+
+ return response()->json(Helper::formatStandardApiResponse('error', null, 'Token could not be created.'));
+
+ }
+
+
+ /**
+ * Delete an API token
+ *
+ * @author [A. Gianotto] []
+ * @since [v6.0.5]
+ *
+ * @return \Illuminate\Http\Response
+ */
+ public function deleteApiToken($tokenId) {
+
+ $token = $this->tokenRepository->findForUser(
+ $tokenId, Auth::user()->getAuthIdentifier()
+ );
+
+ if (is_null($token)) {
+ return new Response('', 404);
+ }
+
+ $token->revoke();
+
+ return new Response('', Response::HTTP_NO_CONTENT);
+
+ }
+
+
+ /**
+ * Show user's API tokens
+ *
+ * @author [A. Gianotto] []
+ * @since [v6.0.5]
+ *
+ * @return \Illuminate\Http\Response
+ */
+ public function showTokens(Request $request) {
+
+ $tokens = $this->tokenRepository->forUser(Auth::user()->getAuthIdentifier());
+
+ return $tokens->load('client')->filter(function ($token) {
+ return $token->client->personal_access_client && ! $token->revoked;
+ })->values();
+
+ }
+
+
+
 }
diff --git a/routes/api.php b/routes/api.php
index 29af435687..0a3ab2b0a5 100644
--- a/routes/api.php
+++ b/routes/api.php
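Review bot: createApiToken mints a personal access token for whoever reaches the route, with no permission check in the method and no validation of `name`. These endpoints sit in the API route group, so they are presumably called with an existing bearer token; if so, a leaked token can be used to issue further tokens that stay valid after the first is revoked, so issuance should be gated on the same permission that governs API-key creation elsewhere in the application, and each issuance is worth logging. Validate the name before use, e.g. `$request->validate(['name' => 'nullable|string|max:255']);`, because a non-string `name` currently reaches both `createToken()` and the string concatenation in the success message. The docblock summary on createApiToken is copied from the delete method and should read `Create an API token`.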
@@ -48,6 +48,27 @@ Route::group(['prefix' => 'v1', 'middleware' => ['api', 'throttle:api']], functi
 ]
 )->name('api.assets.requestable');
+ Route::post('personal-access-token',
+ [
+ Api\ProfileController::class,
+ 'createApiToken'
+ ]
+ )->name('api.personal-access-token.create');
+
+ Route::get('personal-access-tokens',
+ [
+ Api\ProfileController::class,
+ 'showTokens'
+ ]
+ )->name('api.personal-access-token.index');
+
+ Route::delete('personal-access-token/{tokenId}',
+ [
+ Api\ProfileController::class,
+ 'deleteApiToken'
+ ]
+ )->name('api.personal-access-token.delete');
+
 }); // end account group
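Review bot: The token-issuing POST route gets only the group's `['api', 'throttle:api']` middleware, so credential creation is rate-limited exactly like ordinary reads. Whether authentication is enforced depends on the `api` middleware group, which is defined outside this hunk; the controller calls `Auth::user()->createToken(...)` without a null check, so it relies on that group entirely. Consider a tighter limit on the POST route, for example `->middleware('throttle:10,1')` (values illustrative), and a short comment above the three routes stating that they require an authenticated API user.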