Netsyms/Mods-for-HESK-Netsyms
2
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Tokens can now be generated

Browse Source
This commit is contained in:
Mike Koch 2015-11-19 20:37:49 -05:00
parent d23b80a37c
commit 9bb2a3fd3d
4 changed files with 25 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
admin/api_settings.php
View File

@ -145,7 +145,7 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
$userRs = hesk_dbQuery("SELECT `id`, `user`, `name` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "users` WHERE `active` = '1'");
while ($row = hesk_dbFetchAssoc($userRs)) {
$row['number_of_tokens'] = 0;
$users[$row['user']] = $row;
$users[$row['id']] = $row;
}
$tokensRs = hesk_dbQuery("SELECT `user_id`, 1 FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "user_api_tokens`");
while ($row = hesk_dbFetchAssoc($tokensRs)) {
@ -168,7 +168,7 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
<tr>
<td><?php echo $row['user']; ?></td>
<td><?php echo $row['name']; ?></td>
<td><?php echo $row['number_of_tokens']; ?></td>
<td id="token-<?php echo $row['id']; ?>-count"><?php echo $row['number_of_tokens']; ?></td>
<td>
<span class="btn-group">
<button class="btn btn-default btn-xs" onclick="generateToken(<?php echo $row['id']; ?>)">
@ -188,6 +188,12 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
</span>
</td>
</tr>
<tr>
<td colspan="4" id="token-<?php echo $row['id']; ?>-created" class="success hide">
Generated Token: <code class="token"></code>
<p><b>NOTE:</b> Please record this token, as this is the only time you will be able to view it!</p>
</td>
</tr>
<?php
endforeach;
?>

11
internal-api/admin/api-authentication/index.php
View File

@ -21,10 +21,17 @@ if ($request_method == 'POST') {
}
if ($action == 'generate') {
$hash = hash("sha512", time());
$token = '';
$letter_array = ['0','1','2','3','4','5','6','7','8','9','a','b','c','d','e','f'];
// Pick 32 random characters. That will be the hash
for ($i = 0; $i < 32; $i++) {
$letter = $letter_array[rand(0, 15)];
$token .= $letter;
}
$hash = hash("sha512", $token);
store_token($user_id, $hash, $hesk_settings);
output($hash);
output($token);
return http_response_code(200);
} elseif ($action == 'reset') {
//TODO

4
internal-api/dao/api_authentication_dao.php
View File

@ -1,5 +1,7 @@
<?php
function store_token($user_id, $token_hash, $hesk_settings) {
//TODO
$sql = "INSERT INTO `" . hesk_dbEscape($hesk_settings['db_pfix']) . "user_api_tokens` (`user_id`, `token`)
VALUES ('" . hesk_dbEscape($user_id) . "', '" . hesk_dbEscape($token_hash) . "')";
hesk_dbQuery($sql);
}

5
internal-api/js/api-settings.js
View File

@ -78,9 +78,14 @@ function generateToken(userId) {
data: data,
method: 'POST',
success: function (data) {
$('#token-' + userId + '-created > .token').text(data);
$('#token-' + userId + '-created').removeClass('hide');
markSuccess('token-' + userId);
var oldNumberOfTokens = parseInt($('#token-' + userId + '-count').text());
$('#token-' + userId + '-count').text(++oldNumberOfTokens);
},
error: function (data) {
console.error(data);
markFailure('token-' + userId);
}
});