#22 Recreate API Secret

2019-05-02 15:22:37 +02:00 · 2019-05-02 15:22:37 +02:00 · 57e44d343f
commit 57e44d343f
parent 48a2ddf334
4 changed files with 27 additions and 3 deletions
--- a/app/Http/Controllers/GUI/AppController.php
+++ b/app/Http/Controllers/GUI/AppController.php
@ -117,6 +117,18 @@ class AppController extends Controller

        return response($app->icon)
            ->header('Content-Type',$r["mime"]);
+    }

+    public function regenerateAppSecret(Request $request, $id) {
+        $app = App::query()->where("id", "=", $id)->firstOrFail();
+
+        if($app->user_id != Auth::user()->id) {
+            abort(401);
+        }
+
+        $app->regenerateApiSecret();
+        $app->saveOrFail();
+
+        return redirect('/gui/apps/'.$id);
    }
 }
--- a/app/Models/App.php
+++ b/app/Models/App.php
@ -32,12 +32,12 @@ class App extends Model
        $characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
        $randstring = '';
        for ($i = 0; $i < 20; $i++) {
-            $randstring = $characters[rand(0, strlen($characters)-1)];
+            $randstring .= $characters[rand(0, strlen($characters)-1)];
        }
        $apiKey = hash("sha512", $randstring);
        $randstring = '';
        for ($i = 0; $i < 20; $i++) {
-            $randstring = $characters[rand(0, strlen($characters)-1)];
+            $randstring .= $characters[rand(0, strlen($characters)-1)];
        }
        $apiSecret = hash("sha512", $randstring);

@ -58,4 +58,15 @@ class App extends Model
        return $app;
    }

+    public function regenerateApiSecret() {
+        $characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
+        $randstring = '';
+        for ($i = 0; $i < 20; $i++) {
+            $randstring .= $characters[rand(0, strlen($characters)-1)];
+        }
+        $apiSecret = hash("sha512", $randstring);
+
+        $this->apiSecret = $apiSecret;
+    }
+
 }
--- a/resources/views/app/details.php
+++ b/resources/views/app/details.php
@ -33,7 +33,7 @@
                    <h3>API Access</h3>
                    <b>API-Key</b>
                    <input class="form-control" value="<?php echo $app->apiKey; ?>">
-                    <b>API-Secret</b>
+                    <b>API-Secret</b> <a href="/gui/apps/<?php echo $app->id; ?>/regenerateAPISecret" class="btn-danger btn-sm btn" style="height: 16px; font-size: 11px;padding-top:0px;margin-top:0px;">Regenerate API Secret</a>
                    <input class="form-control" value="<?php echo $app->apiSecret; ?>">
                </div>
                <div class="tab-pane fade" id="settings" role="tabpanel" aria-labelledby="settings-tab">
--- a/routes/web.php
+++ b/routes/web.php
@ -72,6 +72,7 @@ $router->group(['prefix' => 'gui', 'middleware' => 'gui'], function () use ($rou
    $router->get('/apps/{id}', ['uses' => 'GUI\AppController@viewApp']);
    $router->post('/apps/{id}', ['uses' => 'GUI\AppController@updateApp']);
    $router->post('/apps/{id}/changeIcon', ['uses' => 'GUI\AppController@changeIcon']);
+    $router->get('/apps/{id}/regenerateAPISecret', ['uses' => 'GUI\AppController@regenerateAppSecret']);
    $router->get('/apps/{id}/icon', ['uses' => 'GUI\AppController@getAppIcon']);
    $router->get("/mailValidation/{id}/{code}",  ['uses' => 'GUI\AccountController@validateEMail']);