Home Explore Help
Register Sign In
biotorrents
/
Gazelle
forked from Oppaitime/Gazelle
Watch 2
Star 0
Fork 0
Code Issues 0 Pull Requests 0 Releases 2 Wiki Activity
BioTorrents.de’s version of Gazelle
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1142 Commits
2 Branches
Branch: production
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'production'
${ noResults }
Gazelle/sections/user/token.php

token.php 3.0KB
Permalink History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106 
  1. <?php

  2. declare(strict_types = 1);

  3. 

  4. /**

  5.  * Adapted from

  6.  * https://github.com/OPSnet/Gazelle/blob/master/sections/user/token.php

  7.  */

  8. 

  9. if (!apcu_exists('DBKEY')) {

  10.     error(403);

  11. }

  12. 

  13. $ENV = ENV::go();

  14. $userId = (int) ($_GET['user_id'] ?? $LoggedUser['ID']);

  15. 

  16. $tokenId = (int) ($_GET['token_id'] ?? 0);

  17. $error = null;

  18. $token = null;

  19. $tokenName = '';

  20. 

  21. $_GET['do'] = $_GET['do'] ?? '';

  22. if (!empty($_GET['do']) && $userId !== $LoggedUser['ID'] && !check_perms('users_mod')) {

  23.     error(403);

  24. }

  25. 

  26. if ($_GET['do'] === 'revoke') {

  27.     Users::revokeApiTokenById($userId, $tokenId);

  28.     header('Location: user.php?action=edit&userid=' . $userId);

  29.     die();

  30. } elseif ($_GET['do'] === 'generate') {

  31.     $tokenName = $_POST['token_name'] ?? '';

  32.     if (empty(trim($tokenName))) {

  33.         $error = 'You must supply a name for the token.';

  34.     } elseif (Users::hasTokenByName($userId, $tokenName)) {

  35.         $error = 'You have already generated a token with that name.';

  36.     } else {

  37.         $token = Users::createApiToken($userId, $tokenName, $ENV->getPriv('ENCKEY'));

  38.     }

  39. }

  40. 

  41. View::show_header('Generate API Token');

  42. 

  43. if (is_null($token)) {

  44.     if ($error) {

  45.         echo $HTML = <<<HTML

  46.         <div class="token_error">

  47.           <p>$error</p>

  48.         </div>

  49. HTML;

  50.     }

  51.     

  52.     echo $HTML = <<<HTML

  53.     <div class="box pad">

  54.       <p>

  55.         Use this page to generate new API tokens.

  56.         When the token is shown to you is the only time the token will be visible, so be sure to copy it down.

  57.         You, nor staff, will be able to view the value for any previously generation token.

  58.       </p>

  59.       <p>

  60.         <strong class="important_text">Treat your tokens like passwords and keep them secret.</strong>

  61.       </p>

  62. 

  63.       <div class="center pad">

  64.         <form action="user.php?action=token&amp;do=generate&amp;user_id=$userId" method="POST">

  65.           <input type="text" name="token_name" value="$tokenName"

  66.           placeholder="New API token name" required />

  67.           <input type='submit' value='Generate' />

  68.         </form>

  69.       </div>

  70.     </div>

  71. HTML;

  72. } else {

  73.     echo $HTML = <<<HTML

  74.     <div class="box pad">

  75.       <p>

  76.         This is the only time this token value you will be shown to you, so be sure to copy it down!

  77.         Neither you, nor staff, will be able to view the value for any previously generated token.

  78.       </p>

  79. 

  80.       <p>

  81.         In case of doubt, you should <strong>always</strong> revoke a token and generate a new one.

  82.         <strong class="important_text">Treat your tokens like passwords and keep them secret.</strong>

  83.       </p>

  84. 

  85.       <table>

  86.         <tr class="colhead">

  87.           <th style="text-align: center;">Name</th>

  88.           <th>Token</th>

  89.         </tr>

  90. 

  91.         <tr>

  92.           <td style="text-align: center;">$tokenName</td>

  93.           <td>

  94.             <textarea rows="2" cols="50" onclick="this.select();" readonly>$token</textarea>

  95.           </td>

  96.         </tr>

  97.       </table>

  98. 

  99.       <div class='center pad'>

  100.         <a href='user.php?action=edit&userid=$userId'>Go back to user settings</a>

  101.       </div>

  102.     </div>

  103. HTML;

  104. }

  105. 

  106. View::show_footer();