From 2bc07d8ca028a97d8f7ab605586441111aa1c3d3 Mon Sep 17 00:00:00 2001 From: Miguel N Date: Tue, 30 Mar 2021 18:16:01 +0100 Subject: [PATCH] Add key management page --- app/Http/Controllers/ApiKeyController.php | 15 +++ config/adminlte.php | 6 ++ .../dashboard/administration/keys.blade.php | 99 +++++++++++++++++++ routes/web.php | 3 + 4 files changed, 123 insertions(+) create mode 100644 resources/views/dashboard/administration/keys.blade.php diff --git a/app/Http/Controllers/ApiKeyController.php b/app/Http/Controllers/ApiKeyController.php index 0975df9..d25602c 100644 --- a/app/Http/Controllers/ApiKeyController.php +++ b/app/Http/Controllers/ApiKeyController.php @@ -21,6 +21,21 @@ class ApiKeyController extends Controller ->with('keys', Auth::user()->keys); } + public function adminKeys() + { + if (Auth::user()->hasRole('admin')) + { + return view('dashboard.administration.keys') + ->with('keys', ApiKey::all()); + } + else + { + return redirect() + ->back() + ->with('error', 'You do not have permission to access this page.'); + } + } + /** * Store a newly created resource in storage. * diff --git a/config/adminlte.php b/config/adminlte.php index 35c930a..c0b557c 100755 --- a/config/adminlte.php +++ b/config/adminlte.php @@ -370,6 +370,12 @@ return [ 'url' => '/admin/devtools', 'can' => 'admin.developertools.use', ], + [ + 'text' => 'API Keys', + 'icon' => 'fas fa-user-shield', + 'can' => 'admin.settings.view', + 'route' => 'adminKeys' + ] ], ], [ diff --git a/resources/views/dashboard/administration/keys.blade.php b/resources/views/dashboard/administration/keys.blade.php new file mode 100644 index 0000000..b2e5ef0 --- /dev/null +++ b/resources/views/dashboard/administration/keys.blade.php @@ -0,0 +1,99 @@ +@extends('adminlte::page') + +@section('title', config('app.name') . ' | Key Administration') + +@section('content_header') + +

{{__('messages.adm')}} / API Key Administration

+ +@stop + +@section('js') + + + +@stop + +@section('content') + +
+
+
+

You can use the key discriminator to identify it's API calls in the logs.

+
+
+
+ +
+
+ + + + +

Here, you can view and manage all API keys created by users in the app. You can't, however, use this page to access someone else's account.

+ + + + @if(!$keys->isEmpty()) + + + + + + + + + + + + + + + + @foreach($keys as $key) + + + + + + + + + + @endforeach + + +
NameDiscriminatorOwnerStatusLast UsedLast ModifiedActions
{{ $key->name }}{{ $key->discriminator }}{{ $key->user->name }}{{ ($key->status == 'disabled') ? 'Revoked' : 'Active' }}{{ ($key->last_used == null) ? 'No recent activity' : $key->last_used }}{{ $key->updated_at }} + @if ($key->status == 'active') +
+ @csrf + @method('PATCH') + +
+ @else + + @endif +
+ @else +
+

No API keys have been registered yet.

+
+ @endif + + + + + + + + + +
+
+ +@stop + + +@section('footer') + @include('breadcrumbs.dashboard.footer') +@stop diff --git a/routes/web.php b/routes/web.php index 3132a3b..e5d9c39 100755 --- a/routes/web.php +++ b/routes/web.php @@ -229,6 +229,9 @@ Route::group(['prefix' => LaravelLocalization::setLocale(), 'middleware' => ['lo Route::get('settings', [OptionsController::class, 'index']) ->name('showSettings'); + Route::get('keys', [ApiKeyController::class, 'adminKeys']) + ->name('adminKeys'); + Route::post('settings/save', [OptionsController::class, 'saveSettings']) ->name('saveSettings');