diff options
| author |  Alexandre Alapetite <alexandre@alapetite.fr>
| 2020-09-17 09:43:39 +0200 |
|---|---|---|
| committer |  GitHub <noreply@github.com>
| 2020-09-17 09:43:39 +0200 |
| commit | bb9b166eb1be73226d2cf978a05a70ed83faec1e (patch) | |
| tree | 68adbe061fdc1ee3f06ae284fa00e604773e4160 /app/Controllers | |
| parent | f1fe2147a1f551e4d1e5c06421744dc75be0d4ea (diff) | |
Fix CLI api_password (#3179)
* Fix CLI api_password
#fix https://github.com/FreshRSS/FreshRSS/issues/3177
Fix regression from https://github.com/FreshRSS/FreshRSS/pull/2675
* Update cli/_update-or-create-user.php
Co-authored-by: oupala <oupala@users.noreply.github.com>
Co-authored-by: oupala <oupala@users.noreply.github.com>
Diffstat (limited to 'app/Controllers')
| -rw-r--r-- | app/Controllers/apiController.php | 45 |
1 files changed, 30 insertions, 15 deletions
diff --git a/app/Controllers/apiController.php b/app/Controllers/apiController.php index d096ba83f..14dac938c 100644 --- a/app/Controllers/apiController.php +++ b/app/Controllers/apiController.php @@ -4,6 +4,31 @@ * This controller manage API-related features. */ class FreshRSS_api_Controller extends Minz_ActionController { + + /** + * Update the user API password. + * Return an error message, or `false` if no error. + */ + public static function updatePassword($apiPasswordPlain) { + $username = Minz_Session::param('currentUser'); + $userConfig = FreshRSS_Context::$user_conf; + + $apiPasswordHash = FreshRSS_password_Util::hash($apiPasswordPlain); + $userConfig->apiPasswordHash = $apiPasswordHash; + + $feverKey = FreshRSS_fever_Util::updateKey($username, $apiPasswordPlain); + if (!$feverKey) { + return _t('feedback.api.password.failed'); + } + + $userConfig->feverKey = $feverKey; + if ($userConfig->save()) { + return false; + } else { + return _t('feedback.api.password.failed'); + } + } + /** * This action updates the user API password. * @@ -22,26 +47,16 @@ class FreshRSS_api_Controller extends Minz_ActionController { } $apiPasswordPlain = Minz_Request::param('apiPasswordPlain', '', true); + $apiPasswordPlain = trim($apiPasswordPlain); if ($apiPasswordPlain == '') { Minz_Request::forward($return_url, true); } - $username = Minz_Session::param('currentUser'); - $userConfig = FreshRSS_Context::$user_conf; - - $apiPasswordHash = FreshRSS_password_Util::hash($apiPasswordPlain); - $userConfig->apiPasswordHash = $apiPasswordHash; - - $feverKey = FreshRSS_fever_Util::updateKey($username, $apiPasswordPlain); - if (!$feverKey) { - Minz_Request::bad(_t('feedback.api.password.failed'), $return_url); - } - - $userConfig->feverKey = $feverKey; - if ($userConfig->save()) { - Minz_Request::good(_t('feedback.api.password.updated'), $return_url); + $error = self::updatePassword($apiPasswordPlain); + if ($error) { + Minz_Request::bad($error, $return_url); } else { - Minz_Request::bad(_t('feedback.api.password.failed'), $return_url); + Minz_Request::good(_t('feedback.api.password.updated'), $return_url); } } } |