Added personal access tokens to api

Signed-off-by: snipe <snipe@snipe.net>

app/Http/Controllers/Api/ProfileController.php

@@ -5,10 +5,35 @@ namespace App\Http\Controllers\Api;
 use App\Helpers\Helper;
 use App\Http\Controllers\Controller;
 use App\Models\CheckoutRequest;
-use Auth;
+use Illuminate\Http\Response;
+use Illuminate\Support\Facades\Auth;
+use Illuminate\Http\Request;
+use Laravel\Passport\TokenRepository;
+use Illuminate\Contracts\Validation\Factory as ValidationFactory;
 
 class ProfileController extends Controller
 {
+
+    /**
+     * The token repository implementation.
+     *
+     * @var \Laravel\Passport\TokenRepository
+     */
+    protected $tokenRepository;
+
+    /**
+     * Create a controller instance.
+     *
+     * @param  \Laravel\Passport\TokenRepository  $tokenRepository
+     * @param  \Illuminate\Contracts\Validation\Factory  $validation
+     * @return void
+     */
+    public function __construct(TokenRepository $tokenRepository, ValidationFactory $validation)
+    {
+        $this->validation = $validation;
+        $this->tokenRepository = $tokenRepository;
+    }
+
     /**
      * Display a listing of requested assets.
      *
@@ -42,4 +67,72 @@ class ProfileController extends Controller
 
         return $results;
     }
+
+
+    /**
+     * Delete an API token
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v6.0.5]
+     *
+     * @return \Illuminate\Http\Response
+     */
+    public function createApiToken(Request $request) {
+
+        $accessTokenName = $request->input('name', 'Auth Token');
+
+        if ($accessToken = Auth::user()->createToken($accessTokenName)->accessToken) {
+            return response()->json(Helper::formatStandardApiResponse('success', $accessToken, 'Personal access token '.$accessTokenName.' created successfully'));
+        }
+
+        return response()->json(Helper::formatStandardApiResponse('error', null, 'Token could not be created.'));
+
+    }
+
+
+    /**
+     * Delete an API token
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v6.0.5]
+     *
+     * @return \Illuminate\Http\Response
+     */
+    public function deleteApiToken($tokenId) {
+
+        $token = $this->tokenRepository->findForUser(
+            $tokenId, Auth::user()->getAuthIdentifier()
+        );
+
+        if (is_null($token)) {
+            return new Response('', 404);
+        }
+
+        $token->revoke();
+
+        return new Response('', Response::HTTP_NO_CONTENT);
+
+    }
+
+
+    /**
+     * Show user's API tokens
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v6.0.5]
+     *
+     * @return \Illuminate\Http\Response
+     */
+    public function showTokens(Request $request) {
+
+        $tokens = $this->tokenRepository->forUser(Auth::user()->getAuthIdentifier());
+
+        return $tokens->load('client')->filter(function ($token) {
+            return $token->client->personal_access_client && ! $token->revoked;
+        })->values();
+
+    }
+
+
+
 }

routes/api.php

@@ -48,6 +48,27 @@ Route::group(['prefix' => 'v1', 'middleware' => ['api', 'throttle:api']], functi
             ]
         )->name('api.assets.requestable');
 
+        Route::post('personal-access-token',
+            [
+                Api\ProfileController::class,
+                'createApiToken'
+            ]
+        )->name('api.personal-access-token.create');
+
+        Route::get('personal-access-tokens',
+            [
+                Api\ProfileController::class,
+                'showTokens'
+            ]
+        )->name('api.personal-access-token.index');
+
+        Route::delete('personal-access-token/{tokenId}',
+            [
+                Api\ProfileController::class,
+                'deleteApiToken'
+            ]
+        )->name('api.personal-access-token.delete');
+
 
 
      }); // end account group