diff options
| author |  Marien Fressinaud <dev@marienfressinaud.fr>
| 2019-12-03 23:11:06 +0100 |
|---|---|---|
| committer |  Alexandre Alapetite <alexandre@alapetite.fr>
| 2019-12-03 23:11:06 +0100 |
| commit | d0f1f9f141a58e090d210c221a7c1745378b96a3 (patch) | |
| tree | 5d538ee048a14d29f8091d9e85cf391ada48ae83 /app/Utils/feverUtil.php | |
| parent | 15b8ef8f40f249ace343696df216f2d61f8249d0 (diff) | |
Separate the update API password endpoint (#2675)
* Extract hashPassword method from userController
* Extract and refactor fever key-related methods
* Move update of API password to dedicated action
* Simplify the controller by refactoring feverUtil
* Add locales
Diffstat (limited to 'app/Utils/feverUtil.php')
| -rw-r--r-- | app/Utils/feverUtil.php | 80 |
1 files changed, 80 insertions, 0 deletions
diff --git a/app/Utils/feverUtil.php b/app/Utils/feverUtil.php new file mode 100644 index 000000000..83921943c --- /dev/null +++ b/app/Utils/feverUtil.php @@ -0,0 +1,80 @@ +<?php + +class FreshRSS_fever_Util { + const FEVER_PATH = DATA_PATH . '/fever'; + + /** + * Make sure the fever path exists and is writable. + * + * @return boolean true if the path is writable, else false. + */ + public static function checkFeverPath() { + if (!file_exists(self::FEVER_PATH)) { + @mkdir(self::FEVER_PATH, 0770, true); + } + + $ok = is_writable(self::FEVER_PATH); + if (!$ok) { + Minz_Log::error("Could not save Fever API credentials. The directory does not have write access."); + } + return $ok; + } + + /** + * Return the corresponding path for a fever key. + * + * @param string + * @return string + */ + public static function getKeyPath($feverKey) { + $salt = sha1(FreshRSS_Context::$system_conf->salt); + return self::FEVER_PATH . '/.key-' . $salt . '-' . $feverKey . '.txt'; + } + + /** + * Update the fever key of a user. + * + * @param string + * @param string + * @return string the Fever key, or false if the update failed + */ + public static function updateKey($username, $passwordPlain) { + $ok = self::checkFeverPath(); + if (!$ok) { + return false; + } + + self::deleteKey($username); + + $feverKey = strtolower(md5("{$username}:{$passwordPlain}")); + $feverKeyPath = self::getKeyPath($feverKey); + $res = file_put_contents($feverKeyPath, $username); + if ($res !== false) { + return $feverKey; + } else { + Minz_Log::warning('Could not save Fever API credentials. Unknown error.', ADMIN_LOG); + return false; + } + } + + /** + * Delete the Fever key of a user. + * + * @param string + * @return boolean true if the deletion succeeded, else false. + */ + public static function deleteKey($username) { + $userConfig = get_user_configuration($username); + if ($userConfig === null) { + return false; + } + + $feverKey = $userConfig->feverKey; + if (!ctype_xdigit($feverKey)) { + return false; + } + + $feverKeyPath = self::getKeyPath($feverKey); + return @unlink($feverKeyPath); + } +} |