API Resources and first endpoints
This commit is contained in:
parent
2bc07d8ca0
commit
ddd79d38fe
|
@ -103,11 +103,13 @@ class JSON
|
|||
|
||||
public function build($headers = [])
|
||||
{
|
||||
// Uses the same structure as model resources, for consistency when they aren't used.
|
||||
$response = [
|
||||
'status' => $this->getStatus(),
|
||||
'message' => $this->getMessage(),
|
||||
'type' => $this->getType(),
|
||||
'response' => $this->getData()
|
||||
'data' => $this->getData(),
|
||||
'meta' => [
|
||||
'status' => $this->getStatus(),
|
||||
'message' => $this->getMessage(),
|
||||
],
|
||||
];
|
||||
|
||||
return response($response, $this->getCode(), $headers);
|
||||
|
|
|
@ -11,29 +11,13 @@ use Illuminate\Support\Facades\Hash;
|
|||
|
||||
class ApiKeyController extends Controller
|
||||
{
|
||||
/**
|
||||
* Display a listing of the resource.
|
||||
*
|
||||
*/
|
||||
|
||||
public function index()
|
||||
{
|
||||
return view('dashboard.user.api.index')
|
||||
->with('keys', Auth::user()->keys);
|
||||
}
|
||||
$this->authorize('viewAny', ApiKey::class);
|
||||
|
||||
public function adminKeys()
|
||||
{
|
||||
if (Auth::user()->hasRole('admin'))
|
||||
{
|
||||
return view('dashboard.administration.keys')
|
||||
->with('keys', ApiKey::all());
|
||||
}
|
||||
else
|
||||
{
|
||||
return redirect()
|
||||
->back()
|
||||
->with('error', 'You do not have permission to access this page.');
|
||||
}
|
||||
return view('dashboard.administration.keys')
|
||||
->with('keys', ApiKey::all());
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -43,6 +27,8 @@ class ApiKeyController extends Controller
|
|||
*/
|
||||
public function store(CreateApiKeyRequest $request)
|
||||
{
|
||||
$this->authorize('create', ApiKey::class);
|
||||
|
||||
$discriminator = "#" . bin2hex(openssl_random_pseudo_bytes(7));
|
||||
$secret = bin2hex(openssl_random_pseudo_bytes(32));
|
||||
|
||||
|
@ -71,28 +57,24 @@ class ApiKeyController extends Controller
|
|||
|
||||
public function revokeKey(Request $request, ApiKey $key)
|
||||
{
|
||||
if (Auth::user()->is($key->user) || Auth::user()->hasRole('admin'))
|
||||
{
|
||||
if ($key->status == 'active')
|
||||
{
|
||||
$key->status = 'disabled';
|
||||
$key->save();
|
||||
}
|
||||
else
|
||||
{
|
||||
return redirect()
|
||||
->back()
|
||||
->with('error', 'Key already revoked.');
|
||||
}
|
||||
$this->authorize('update', $key);
|
||||
|
||||
if ($key->status == 'active')
|
||||
{
|
||||
$key->status = 'disabled';
|
||||
$key->save();
|
||||
}
|
||||
else
|
||||
{
|
||||
return redirect()
|
||||
->back()
|
||||
->with('success', 'Key revoked. Apps using this key will stop working.');
|
||||
->with('error', 'Key already revoked.');
|
||||
}
|
||||
|
||||
return redirect()
|
||||
->back()
|
||||
->with('error', 'You do not have permission to modify this key.');
|
||||
->with('success', 'Key revoked. Apps using this key will stop working.');
|
||||
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -101,18 +83,13 @@ class ApiKeyController extends Controller
|
|||
public function destroy($id)
|
||||
{
|
||||
$key = ApiKey::findOrFail($id);
|
||||
$this->authorize('delete', $key);
|
||||
|
||||
if (Auth::user()->is($key->user) || Auth::user()->hasRole('admin'))
|
||||
{
|
||||
$key->delete();
|
||||
|
||||
return redirect()
|
||||
->back()
|
||||
->with('success', 'Key deleted successfully. Apps using this key will stop working.');
|
||||
}
|
||||
$key->delete();
|
||||
|
||||
return redirect()
|
||||
->back()
|
||||
->with('error', 'You do not have permission to modify this key.');
|
||||
->with('success', 'Key deleted successfully. Apps using this key will stop working.');
|
||||
|
||||
}
|
||||
}
|
||||
|
|
|
@ -23,6 +23,7 @@ namespace App\Http\Controllers;
|
|||
|
||||
use App\Application;
|
||||
use App\Events\ApplicationDeniedEvent;
|
||||
use App\Http\Resources\ApplicationResource;
|
||||
use App\Notifications\ApplicationMoved;
|
||||
use App\Notifications\NewApplicant;
|
||||
use App\Response;
|
||||
|
@ -56,39 +57,58 @@ class ApplicationController extends Controller
|
|||
|
||||
public function showUserApp(Request $request, Application $application)
|
||||
{
|
||||
$this->authorize('view', $application);
|
||||
if (!$request->wantsJson())
|
||||
{
|
||||
$this->authorize('view', $application);
|
||||
|
||||
if (! is_null($application)) {
|
||||
return view('dashboard.user.viewapp')
|
||||
->with(
|
||||
[
|
||||
'application' => $application,
|
||||
'comments' => $application->comments,
|
||||
'structuredResponses' => json_decode($application->response->responseData, true),
|
||||
'formStructure' => $application->response->form,
|
||||
'vacancy' => $application->response->vacancy,
|
||||
'canVote' => $this->canVote($application->votes),
|
||||
]
|
||||
);
|
||||
} else {
|
||||
$request->session()->flash('error', 'The application you requested could not be found.');
|
||||
if (! is_null($application)) {
|
||||
return view('dashboard.user.viewapp')
|
||||
->with(
|
||||
[
|
||||
'application' => $application,
|
||||
'comments' => $application->comments,
|
||||
'structuredResponses' => json_decode($application->response->responseData, true),
|
||||
'formStructure' => $application->response->form,
|
||||
'vacancy' => $application->response->vacancy,
|
||||
'canVote' => $this->canVote($application->votes),
|
||||
]
|
||||
);
|
||||
} else {
|
||||
$request->session()->flash('error', 'The application you requested could not be found.');
|
||||
}
|
||||
|
||||
return redirect()->back();
|
||||
}
|
||||
|
||||
return redirect()->back();
|
||||
return (new ApplicationResource($application))->additional([
|
||||
'meta' => [
|
||||
'code' => 200,
|
||||
'status' => 'success'
|
||||
]
|
||||
]);
|
||||
}
|
||||
|
||||
public function showAllApps()
|
||||
public function showAllApps(Request $request)
|
||||
{
|
||||
$this->authorize('viewAny', Application::class);
|
||||
if (!$request->wantsJson())
|
||||
{
|
||||
$this->authorize('viewAny', Application::class);
|
||||
|
||||
return view('dashboard.appmanagement.all')
|
||||
->with('applications', Application::paginate(6));
|
||||
return view('dashboard.appmanagement.all')
|
||||
->with('applications', Application::paginate(6));
|
||||
}
|
||||
|
||||
|
||||
// todo: eager load all relationships used
|
||||
return ApplicationResource::collection(Application::paginate(6))->additional([
|
||||
'code' => '200',
|
||||
'status' => 'success',
|
||||
]);
|
||||
}
|
||||
|
||||
|
||||
public function renderApplicationForm(Request $request, $vacancySlug)
|
||||
{
|
||||
// FIXME: Get rid of references to first(), this is a wonky query
|
||||
$vacancyWithForm = Vacancy::with('forms')->where('vacancySlug', $vacancySlug)->get();
|
||||
|
||||
$firstVacancy = $vacancyWithForm->first();
|
||||
|
@ -96,10 +116,8 @@ class ApplicationController extends Controller
|
|||
if (! $vacancyWithForm->isEmpty() && $firstVacancy->vacancyCount !== 0 && $firstVacancy->vacancyStatus == 'OPEN') {
|
||||
return view('dashboard.application-rendering.apply')
|
||||
->with([
|
||||
|
||||
'vacancy' => $vacancyWithForm->first(),
|
||||
'preprocessedForm' => json_decode($vacancyWithForm->first()->forms->formStructure, true),
|
||||
|
||||
]);
|
||||
} else {
|
||||
abort(404, 'The application you\'re looking for could not be found or it is currently unavailable.');
|
||||
|
|
|
@ -21,6 +21,7 @@
|
|||
|
||||
namespace App\Http;
|
||||
|
||||
use App\Http\Middleware\APIAuthenticationMiddleware;
|
||||
use Illuminate\Foundation\Http\Kernel as HttpKernel;
|
||||
|
||||
class Kernel extends HttpKernel
|
||||
|
@ -60,6 +61,7 @@ class Kernel extends HttpKernel
|
|||
'api' => [
|
||||
'throttle:60,1',
|
||||
\Illuminate\Routing\Middleware\SubstituteBindings::class,
|
||||
APIAuthenticationMiddleware::class
|
||||
],
|
||||
];
|
||||
|
||||
|
|
|
@ -0,0 +1,61 @@
|
|||
<?php
|
||||
|
||||
namespace App\Http\Middleware;
|
||||
|
||||
use App\ApiKey;
|
||||
use App\Facades\JSON;
|
||||
use Carbon\Carbon;
|
||||
use Closure;
|
||||
use Illuminate\Http\Request;
|
||||
use Illuminate\Support\Facades\Hash;
|
||||
use Illuminate\Support\Facades\Log;
|
||||
use Illuminate\Support\Str;
|
||||
|
||||
class APIAuthenticationMiddleware
|
||||
{
|
||||
/**
|
||||
* Handle an incoming request.
|
||||
*
|
||||
* @param \Illuminate\Http\Request $request
|
||||
* @param \Closure $next
|
||||
* @return mixed
|
||||
*/
|
||||
public function handle(Request $request, Closure $next)
|
||||
{
|
||||
$key = $request->bearerToken();
|
||||
|
||||
if (!is_null($key))
|
||||
{
|
||||
// we have a valid discriminator
|
||||
$discriminator = Str::before($key, '.');
|
||||
$loneKey = Str::after($key, '.');
|
||||
|
||||
$keyRecord = ApiKey::where('discriminator', $discriminator)->first();
|
||||
|
||||
if ($keyRecord && Hash::check($loneKey, $keyRecord->secret) && $keyRecord->status == 'active')
|
||||
{
|
||||
Log::alert('API Authentication Success', [
|
||||
'discriminator' => $discriminator
|
||||
]);
|
||||
|
||||
$keyRecord->last_used = Carbon::now();
|
||||
$keyRecord->save();
|
||||
|
||||
return $next($request);
|
||||
}
|
||||
|
||||
return JSON::setResponseType('error')
|
||||
->setStatus('authfail')
|
||||
->setMessage('Invalid / Revoked API key.')
|
||||
->setCode(401)
|
||||
->build();
|
||||
}
|
||||
|
||||
return JSON::setResponseType('error')
|
||||
->setStatus('malformed_key')
|
||||
->setMessage('Missing or malformed API key.')
|
||||
->setCode(400)
|
||||
->build();
|
||||
|
||||
}
|
||||
}
|
|
@ -0,0 +1,28 @@
|
|||
<?php
|
||||
|
||||
namespace App\Http\Resources;
|
||||
|
||||
use App\Response;
|
||||
use App\User;
|
||||
use Illuminate\Http\Resources\Json\JsonResource;
|
||||
|
||||
class ApplicationResource extends JsonResource
|
||||
{
|
||||
/**
|
||||
* Transform the resource into an array.
|
||||
*
|
||||
* @param \Illuminate\Http\Request $request
|
||||
* @return array
|
||||
*/
|
||||
public function toArray($request)
|
||||
{
|
||||
return [
|
||||
'id' => $this->id,
|
||||
'applicationStatus' => $this->applicationStatus,
|
||||
'applicant' => new UserResource(User::findOrFail($this->applicantUserID)),
|
||||
'response' => new ResponseResource(Response::findOrFail($this->applicantFormResponseID)),
|
||||
'created_at' => $this->created_at,
|
||||
'updated_at' => $this->updated_at
|
||||
];
|
||||
}
|
||||
}
|
|
@ -0,0 +1,19 @@
|
|||
<?php
|
||||
|
||||
namespace App\Http\Resources;
|
||||
|
||||
use Illuminate\Http\Resources\Json\JsonResource;
|
||||
|
||||
class AppointmentResource extends JsonResource
|
||||
{
|
||||
/**
|
||||
* Transform the resource into an array.
|
||||
*
|
||||
* @param \Illuminate\Http\Request $request
|
||||
* @return array
|
||||
*/
|
||||
public function toArray($request)
|
||||
{
|
||||
return parent::toArray($request);
|
||||
}
|
||||
}
|
|
@ -0,0 +1,19 @@
|
|||
<?php
|
||||
|
||||
namespace App\Http\Resources;
|
||||
|
||||
use Illuminate\Http\Resources\Json\JsonResource;
|
||||
|
||||
class BanResource extends JsonResource
|
||||
{
|
||||
/**
|
||||
* Transform the resource into an array.
|
||||
*
|
||||
* @param \Illuminate\Http\Request $request
|
||||
* @return array
|
||||
*/
|
||||
public function toArray($request)
|
||||
{
|
||||
return parent::toArray($request);
|
||||
}
|
||||
}
|
|
@ -0,0 +1,26 @@
|
|||
<?php
|
||||
|
||||
namespace App\Http\Resources;
|
||||
|
||||
use Illuminate\Http\Resources\Json\JsonResource;
|
||||
|
||||
class FormResource extends JsonResource
|
||||
{
|
||||
/**
|
||||
* Transform the resource into an array.
|
||||
*
|
||||
* @param \Illuminate\Http\Request $request
|
||||
* @return array
|
||||
*/
|
||||
public function toArray($request)
|
||||
{
|
||||
return [
|
||||
'id' => $this->id,
|
||||
'formName' => $this->formName,
|
||||
'formStructure' => json_decode($this->formStructure),
|
||||
'formStatus' => $this->formStatus,
|
||||
'created_at' => $this->created_at,
|
||||
'updated_at' => $this->updated_at
|
||||
];
|
||||
}
|
||||
}
|
|
@ -0,0 +1,19 @@
|
|||
<?php
|
||||
|
||||
namespace App\Http\Resources;
|
||||
|
||||
use Illuminate\Http\Resources\Json\JsonResource;
|
||||
|
||||
class OptionResource extends JsonResource
|
||||
{
|
||||
/**
|
||||
* Transform the resource into an array.
|
||||
*
|
||||
* @param \Illuminate\Http\Request $request
|
||||
* @return array
|
||||
*/
|
||||
public function toArray($request)
|
||||
{
|
||||
return parent::toArray($request);
|
||||
}
|
||||
}
|
|
@ -0,0 +1,19 @@
|
|||
<?php
|
||||
|
||||
namespace App\Http\Resources;
|
||||
|
||||
use Illuminate\Http\Resources\Json\JsonResource;
|
||||
|
||||
class ProfileResource extends JsonResource
|
||||
{
|
||||
/**
|
||||
* Transform the resource into an array.
|
||||
*
|
||||
* @param \Illuminate\Http\Request $request
|
||||
* @return array
|
||||
*/
|
||||
public function toArray($request)
|
||||
{
|
||||
return parent::toArray($request);
|
||||
}
|
||||
}
|
|
@ -0,0 +1,28 @@
|
|||
<?php
|
||||
|
||||
namespace App\Http\Resources;
|
||||
|
||||
use App\Form;
|
||||
use App\Vacancy;
|
||||
use Illuminate\Http\Resources\Json\JsonResource;
|
||||
|
||||
class ResponseResource extends JsonResource
|
||||
{
|
||||
/**
|
||||
* Transform the resource into an array.
|
||||
*
|
||||
* @param \Illuminate\Http\Request $request
|
||||
* @return array
|
||||
*/
|
||||
public function toArray($request)
|
||||
{
|
||||
return [
|
||||
'id' => $this->id,
|
||||
'form' => new FormResource(Form::findOrFail($this->responseFormID)),
|
||||
'responseData' => json_decode($this->responseData),
|
||||
'vacancy' => new VacancyResource(Vacancy::findOrFail($this->associatedVacancyID)),
|
||||
'created_at' => $this->created_at,
|
||||
'updated_at' => $this->updated_at
|
||||
];
|
||||
}
|
||||
}
|
|
@ -0,0 +1,19 @@
|
|||
<?php
|
||||
|
||||
namespace App\Http\Resources;
|
||||
|
||||
use Illuminate\Http\Resources\Json\JsonResource;
|
||||
|
||||
class TeamFileResource extends JsonResource
|
||||
{
|
||||
/**
|
||||
* Transform the resource into an array.
|
||||
*
|
||||
* @param \Illuminate\Http\Request $request
|
||||
* @return array
|
||||
*/
|
||||
public function toArray($request)
|
||||
{
|
||||
return parent::toArray($request);
|
||||
}
|
||||
}
|
|
@ -0,0 +1,19 @@
|
|||
<?php
|
||||
|
||||
namespace App\Http\Resources;
|
||||
|
||||
use Illuminate\Http\Resources\Json\JsonResource;
|
||||
|
||||
class TeamResource extends JsonResource
|
||||
{
|
||||
/**
|
||||
* Transform the resource into an array.
|
||||
*
|
||||
* @param \Illuminate\Http\Request $request
|
||||
* @return array
|
||||
*/
|
||||
public function toArray($request)
|
||||
{
|
||||
return parent::toArray($request);
|
||||
}
|
||||
}
|
|
@ -0,0 +1,28 @@
|
|||
<?php
|
||||
|
||||
namespace App\Http\Resources;
|
||||
|
||||
use Illuminate\Http\Resources\Json\JsonResource;
|
||||
|
||||
class UserResource extends JsonResource
|
||||
{
|
||||
/**
|
||||
* Transform the resource into an array.
|
||||
*
|
||||
* @param \Illuminate\Http\Request $request
|
||||
* @return array
|
||||
*/
|
||||
public function toArray($request)
|
||||
{
|
||||
return [
|
||||
'id' => $this->id,
|
||||
'uuid' => $this->uuid,
|
||||
'name' => $this->name,
|
||||
'email' => $this->email,
|
||||
'username' => $this->username,
|
||||
'created_at' => $this->created_at,
|
||||
'updated_at' => $this->updated_at,
|
||||
'current_team_id' => $this->current_team_id
|
||||
];
|
||||
}
|
||||
}
|
|
@ -0,0 +1,19 @@
|
|||
<?php
|
||||
|
||||
namespace App\Http\Resources;
|
||||
|
||||
use Illuminate\Http\Resources\Json\JsonResource;
|
||||
|
||||
class VacancyResource extends JsonResource
|
||||
{
|
||||
/**
|
||||
* Transform the resource into an array.
|
||||
*
|
||||
* @param \Illuminate\Http\Request $request
|
||||
* @return array
|
||||
*/
|
||||
public function toArray($request)
|
||||
{
|
||||
return parent::toArray($request);
|
||||
}
|
||||
}
|
|
@ -0,0 +1,72 @@
|
|||
<?php
|
||||
|
||||
namespace App\Policies;
|
||||
|
||||
use App\ApiKey;
|
||||
use App\User;
|
||||
use Illuminate\Auth\Access\HandlesAuthorization;
|
||||
|
||||
class ApiKeyPolicy
|
||||
{
|
||||
use HandlesAuthorization;
|
||||
|
||||
/**
|
||||
* Determine whether the user can view any models.
|
||||
*
|
||||
* @param \App\User $user
|
||||
* @return mixed
|
||||
*/
|
||||
public function viewAny(User $user)
|
||||
{
|
||||
if ($user->hasRole('admin'))
|
||||
return true;
|
||||
|
||||
return false;
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* Determine whether the user can create models.
|
||||
*
|
||||
* @param \App\User $user
|
||||
* @return mixed
|
||||
*/
|
||||
public function create(User $user)
|
||||
{
|
||||
if ($user->hasRole('admin'))
|
||||
return true;
|
||||
|
||||
return false;
|
||||
}
|
||||
|
||||
/**
|
||||
* Determine whether the user can update the model.
|
||||
*
|
||||
* @param \App\User $user
|
||||
* @param \App\ApiKey $apiKey
|
||||
* @return mixed
|
||||
*/
|
||||
public function update(User $user, ApiKey $apiKey)
|
||||
{
|
||||
if ($user->hasRole('admin'))
|
||||
return true;
|
||||
|
||||
return false;
|
||||
}
|
||||
|
||||
/**
|
||||
* Determine whether the user can delete the model.
|
||||
*
|
||||
* @param \App\User $user
|
||||
* @param \App\ApiKey $apiKey
|
||||
* @return mixed
|
||||
*/
|
||||
public function delete(User $user, ApiKey $apiKey)
|
||||
{
|
||||
if ($user->hasRole('admin'))
|
||||
return true;
|
||||
|
||||
return false;
|
||||
}
|
||||
|
||||
}
|
|
@ -21,10 +21,12 @@
|
|||
|
||||
namespace App\Providers;
|
||||
|
||||
use App\ApiKey;
|
||||
use App\Application;
|
||||
use App\Appointment;
|
||||
use App\Ban;
|
||||
use App\Form;
|
||||
use App\Policies\ApiKeyPolicy;
|
||||
use App\Policies\ApplicationPolicy;
|
||||
use App\Policies\AppointmentPolicy;
|
||||
use App\Policies\BanPolicy;
|
||||
|
@ -61,7 +63,8 @@ class AuthServiceProvider extends ServiceProvider
|
|||
Ban::class => BanPolicy::class,
|
||||
Appointment::class => AppointmentPolicy::class,
|
||||
Team::class => TeamPolicy::class,
|
||||
TeamFile::class, TeamFilePolicy::class
|
||||
TeamFile::class => TeamFilePolicy::class,
|
||||
ApiKey::class => ApiKeyPolicy::class
|
||||
];
|
||||
|
||||
/**
|
||||
|
|
|
@ -268,11 +268,6 @@ return [
|
|||
'icon' => 'fas fa-user-circle',
|
||||
'url' => '/profile/settings/account',
|
||||
],
|
||||
[
|
||||
'text' => 'Programmatic Access',
|
||||
'icon' => 'fas fa-wrench',
|
||||
'route' => 'keys.index'
|
||||
],
|
||||
[
|
||||
'header' => 'h_app_management',
|
||||
'can' => ['applications.view.all', 'applications.vote'],
|
||||
|
@ -374,7 +369,7 @@ return [
|
|||
'text' => 'API Keys',
|
||||
'icon' => 'fas fa-user-shield',
|
||||
'can' => 'admin.settings.view',
|
||||
'route' => 'adminKeys'
|
||||
'route' => 'keys.index'
|
||||
]
|
||||
],
|
||||
],
|
||||
|
|
|
@ -16,6 +16,24 @@
|
|||
|
||||
@section('content')
|
||||
|
||||
<x-modal id="createKeyModal" modal-label="createKeyModalLabel" modal-title="New API Key" include-close-button="true">
|
||||
|
||||
<form id="createKey" method="post" action="{{ route('keys.store') }}">
|
||||
@csrf
|
||||
|
||||
<div class="form-group">
|
||||
<label for="name">Give your new API key a name to easily identify it.</label>
|
||||
<input type="text" name="keyName" class="form-control" id="name" required>
|
||||
</div>
|
||||
|
||||
</form>
|
||||
|
||||
<x-slot name="modalFooter">
|
||||
<button onclick="$('#createKey').submit()" type="button" class="btn btn-success"><i class="fas fa-key"></i> Register new key</button>
|
||||
</x-slot>
|
||||
|
||||
</x-modal>
|
||||
|
||||
<div class="row">
|
||||
<div class="col">
|
||||
<div class="alert alert-primary">
|
||||
|
@ -24,6 +42,17 @@
|
|||
</div>
|
||||
</div>
|
||||
|
||||
@if (session()->has('finalKey'))
|
||||
<div class="row">
|
||||
<div class="col">
|
||||
<div class="alert alert-success">
|
||||
<p><i class="fas fa-key"></i> This is your API key: {{ session('finalKey') }}</p>
|
||||
<p>Please copy it <b>now</b> as it'll only appear once.</p>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
@endif
|
||||
|
||||
<div class="row">
|
||||
<div class="col">
|
||||
|
||||
|
@ -68,6 +97,12 @@
|
|||
@else
|
||||
<button disabled type="button" class="btn btn-danger btn-sm ml-2"><i class="fas fa-lock"></i> Revoke</button>
|
||||
@endif
|
||||
<form class="d-inline-block" action="{{ route('keys.destroy', ['key' => $key->id]) }}" method="post">
|
||||
@csrf
|
||||
@method('DELETE')
|
||||
<button type="submit" class="btn btn-danger btn-sm ml-2"><i class="fas fa-trash"></i> Delete</button>
|
||||
</form>
|
||||
|
||||
</td>
|
||||
</tr>
|
||||
@endforeach
|
||||
|
@ -82,8 +117,8 @@
|
|||
|
||||
|
||||
<x-slot name="cardFooter">
|
||||
<button onclick="window.location.href='{{ route('keys.index') }}'" type="button" class="btn btn-success ml-2"><i class="fas fa-key"></i> Your Keys</button>
|
||||
<button type="button" onclick="window.location.href='/admin/maintenance/system-logs'" class="btn btn-secondary"><i class="fas fa-clipboard"></i> Search Logs</button>
|
||||
<button onclick="$('#createKeyModal').modal('show')" type="button" class="btn btn-secondary ml-2"><i class="fas fa-plus"></i> New API Key</button>
|
||||
<button type="button" onclick="window.location.href='/admin/maintenance/system-logs'" class="btn btn-secondary ml-2"><i class="fas fa-clipboard"></i> Search Logs</button>
|
||||
</x-slot>
|
||||
|
||||
</x-card>
|
||||
|
|
|
@ -1,118 +0,0 @@
|
|||
@extends('adminlte::page')
|
||||
|
||||
@section('title', config('app.name') . ' | ' . __('API Key Management'))
|
||||
|
||||
@section('content_header')
|
||||
|
||||
<h4>Profile / Settings / API Keys</h4>
|
||||
|
||||
@stop
|
||||
|
||||
@section('js')
|
||||
<x-global-errors></x-global-errors>
|
||||
@stop
|
||||
|
||||
@section('content')
|
||||
|
||||
<x-modal id="createKeyModal" modal-label="createKeyModalLabel" modal-title="New API Key" include-close-button="true">
|
||||
|
||||
<form id="createKey" method="post" action="{{ route('keys.store') }}">
|
||||
@csrf
|
||||
|
||||
<div class="form-group">
|
||||
<label for="name">Give your new API key a name to easily identify it.</label>
|
||||
<input type="text" name="keyName" class="form-control" id="name" required>
|
||||
</div>
|
||||
|
||||
</form>
|
||||
|
||||
<x-slot name="modalFooter">
|
||||
<button onclick="$('#createKey').submit()" type="button" class="btn btn-success"><i class="fas fa-key"></i> Register new key</button>
|
||||
</x-slot>
|
||||
|
||||
</x-modal>
|
||||
|
||||
<div class="row">
|
||||
<div class="col">
|
||||
<div class="alert alert-warning">
|
||||
<p><i class="fas fa-exclamation-triangle"></i> <b>Friendly reminder: </b> API keys can access your whole account and the resources it has access to. Please treat them like a password. If they are leaked, please revoke them.</p>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
@if (session()->has('finalKey'))
|
||||
<div class="row">
|
||||
<div class="col">
|
||||
<div class="alert alert-success">
|
||||
<p><i class="fas fa-key"></i> This is your API key: {{ session('finalKey') }}</p>
|
||||
<p>Please copy it <b>now</b> as it'll only appear once.</p>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
@endif
|
||||
|
||||
<div class="row">
|
||||
<div class="col">
|
||||
<x-card id="keyListing" card-title="Manage API Keys" footer-style="text-center">
|
||||
|
||||
<x-slot name="cardHeader"></x-slot>
|
||||
|
||||
@if(!$keys->isEmpty())
|
||||
<table class="table table-borderless">
|
||||
<thead>
|
||||
<tr>
|
||||
<th>Key name</th>
|
||||
<th>Status</th>
|
||||
<th>Last Used</th>
|
||||
<th>Last Modified</th>
|
||||
<th>Actions</th>
|
||||
</tr>
|
||||
</thead>
|
||||
|
||||
<tbody>
|
||||
|
||||
@foreach($keys as $key)
|
||||
<tr>
|
||||
<td>{{ $key->name }}</td>
|
||||
<td><span class="badge badge-{{ ($key->status == 'disabled') ? 'danger' : 'primary' }}">{{ ($key->status == 'disabled') ? 'Revoked' : 'Active' }}</span></td>
|
||||
<td><span class="badge badge-{{ ($key->last_used == null) ? 'danger' : 'primary' }}">{{ ($key->last_used == null) ? 'No recent activity' : $key->last_used }}</span></td>
|
||||
<td><span class="badge badge-primary">{{ $key->updated_at }}</span></td>
|
||||
<td>
|
||||
@if ($key->status == 'active')
|
||||
<form class="d-inline-block" action="{{ route('revokeKey', ['key' => $key->id]) }}" method="post">
|
||||
@csrf
|
||||
@method('PATCH')
|
||||
<button type="submit" class="btn btn-danger btn-sm ml-2"><i class="fas fa-lock"></i> Revoke</button>
|
||||
</form>
|
||||
@endif
|
||||
<form class="d-inline-block" action="{{ route('keys.destroy', ['key' => $key->id]) }}" method="post">
|
||||
@csrf
|
||||
@method('DELETE')
|
||||
<button type="submit" class="btn btn-danger btn-sm ml-2"><i class="fas fa-trash"></i> Delete</button>
|
||||
</form>
|
||||
</td>
|
||||
</tr>
|
||||
@endforeach
|
||||
|
||||
</tbody>
|
||||
</table>
|
||||
@else
|
||||
<div class="alert alert-success">
|
||||
<p><i class="fa fa-info-circle"></i> You don't have any API keys yet.</p>
|
||||
</div>
|
||||
@endif
|
||||
|
||||
<x-slot name="cardFooter">
|
||||
<button onclick="$('#createKeyModal').modal('show')" type="button" class="btn btn-secondary"><i class="fas fa-plus"></i> New API Key</button>
|
||||
</x-slot>
|
||||
|
||||
</x-card>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
@stop
|
||||
|
||||
|
||||
@section('footer')
|
||||
@include('breadcrumbs.dashboard.footer')
|
||||
@stop
|
|
@ -33,6 +33,9 @@ use Illuminate\Support\Facades\Route;
|
|||
|
|
||||
*/
|
||||
|
||||
Route::middleware('auth:api')->get('/user', function (Request $request) {
|
||||
return $request->user();
|
||||
Route::middleware(['api'])->group(function (){
|
||||
|
||||
Route::get('applications', [\App\Http\Controllers\ApplicationController::class, 'showAllApps']);
|
||||
Route::get('applications/view/{application}', [\App\Http\Controllers\ApplicationController::class, 'showUserApp']);
|
||||
|
||||
});
|
||||
|
|
|
@ -164,13 +164,6 @@ Route::group(['prefix' => LaravelLocalization::setLocale(), 'middleware' => ['lo
|
|||
->name('showProfileSettings')
|
||||
->middleware('passwordredirect');
|
||||
|
||||
Route::resource('keys', ApiKeyController::class)
|
||||
->middleware('passwordredirect');
|
||||
|
||||
Route::patch('keys/revoke/{key}', [ApiKeyController::class, 'revokeKey'])
|
||||
->name('revokeKey')
|
||||
->middleware('passwordredirect');
|
||||
|
||||
Route::patch('/settings/save', [ProfileController::class, 'saveProfile'])
|
||||
->name('saveProfileSettings')
|
||||
->middleware('passwordredirect');
|
||||
|
@ -229,8 +222,10 @@ Route::group(['prefix' => LaravelLocalization::setLocale(), 'middleware' => ['lo
|
|||
Route::get('settings', [OptionsController::class, 'index'])
|
||||
->name('showSettings');
|
||||
|
||||
Route::get('keys', [ApiKeyController::class, 'adminKeys'])
|
||||
->name('adminKeys');
|
||||
Route::resource('keys', ApiKeyController::class);
|
||||
|
||||
Route::patch('keys/revoke/{key}', [ApiKeyController::class, 'revokeKey'])
|
||||
->name('revokeKey');
|
||||
|
||||
Route::post('settings/save', [OptionsController::class, 'saveSettings'])
|
||||
->name('saveSettings');
|
||||
|
|
Loading…
Reference in New Issue