diff options
| -rw-r--r-- | app/Controllers/apiController.php | 45 | ||||
| -rw-r--r-- | cli/_update-or-create-user.php | 5 | ||||
| -rwxr-xr-x | cli/create-user.php | 8 | ||||
| -rwxr-xr-x | cli/update-user.php | 7 |
4 files changed, 48 insertions, 17 deletions
diff --git a/app/Controllers/apiController.php b/app/Controllers/apiController.php index d096ba83f..14dac938c 100644 --- a/app/Controllers/apiController.php +++ b/app/Controllers/apiController.php @@ -4,6 +4,31 @@ * This controller manage API-related features. */ class FreshRSS_api_Controller extends Minz_ActionController { + + /** + * Update the user API password. + * Return an error message, or `false` if no error. + */ + public static function updatePassword($apiPasswordPlain) { + $username = Minz_Session::param('currentUser'); + $userConfig = FreshRSS_Context::$user_conf; + + $apiPasswordHash = FreshRSS_password_Util::hash($apiPasswordPlain); + $userConfig->apiPasswordHash = $apiPasswordHash; + + $feverKey = FreshRSS_fever_Util::updateKey($username, $apiPasswordPlain); + if (!$feverKey) { + return _t('feedback.api.password.failed'); + } + + $userConfig->feverKey = $feverKey; + if ($userConfig->save()) { + return false; + } else { + return _t('feedback.api.password.failed'); + } + } + /** * This action updates the user API password. * @@ -22,26 +47,16 @@ class FreshRSS_api_Controller extends Minz_ActionController { } $apiPasswordPlain = Minz_Request::param('apiPasswordPlain', '', true); + $apiPasswordPlain = trim($apiPasswordPlain); if ($apiPasswordPlain == '') { Minz_Request::forward($return_url, true); } - $username = Minz_Session::param('currentUser'); - $userConfig = FreshRSS_Context::$user_conf; - - $apiPasswordHash = FreshRSS_password_Util::hash($apiPasswordPlain); - $userConfig->apiPasswordHash = $apiPasswordHash; - - $feverKey = FreshRSS_fever_Util::updateKey($username, $apiPasswordPlain); - if (!$feverKey) { - Minz_Request::bad(_t('feedback.api.password.failed'), $return_url); - } - - $userConfig->feverKey = $feverKey; - if ($userConfig->save()) { - Minz_Request::good(_t('feedback.api.password.updated'), $return_url); + $error = self::updatePassword($apiPasswordPlain); + if ($error) { + Minz_Request::bad($error, $return_url); } else { - Minz_Request::bad(_t('feedback.api.password.failed'), $return_url); + Minz_Request::good(_t('feedback.api.password.updated'), $return_url); } } } diff --git a/cli/_update-or-create-user.php b/cli/_update-or-create-user.php index 0da9963f0..2b01fd011 100644 --- a/cli/_update-or-create-user.php +++ b/cli/_update-or-create-user.php @@ -4,6 +4,7 @@ require(__DIR__ . '/_cli.php'); $params = array( 'user:', 'password:', + 'api_password:', 'language:', 'email:', 'token:', @@ -22,9 +23,9 @@ $options = getopt('', $params); if (!validateOptions($argv, $params) || empty($options['user'])) { fail('Usage: ' . basename($_SERVER['SCRIPT_FILENAME']) . - " --user username ( --password 'password'" . + " --user username ( --password 'password' --api_password 'api_password'" . " --language en --email user@example.net --token 'longRandomString'" . - ($isUpdate ? '' : '--no_default_feeds') . + ($isUpdate ? '' : ' --no_default_feeds') . " --purge_after_months 3 --feed_min_articles_default 50 --feed_ttl_default 3600" . " --since_hours_posts_per_rss 168 --max_posts_per_rss 400 )"); } diff --git a/cli/create-user.php b/cli/create-user.php index f98168cf6..dd0c23175 100755 --- a/cli/create-user.php +++ b/cli/create-user.php @@ -28,6 +28,14 @@ if (!$ok) { fail('FreshRSS could not create user!'); } +if (!empty($options['api_password'])) { + $username = cliInitUser($username); + $error = FreshRSS_api_Controller::updatePassword($options['api_password']); + if ($error) { + fail($error); + } +} + invalidateHttpCache(FreshRSS_Context::$system_conf->default_user); echo '• Remember to refresh the feeds of the user: ', $username , "\n", diff --git a/cli/update-user.php b/cli/update-user.php index 75c778fe5..953a9d2c0 100755 --- a/cli/update-user.php +++ b/cli/update-user.php @@ -17,6 +17,13 @@ if (!$ok) { fail('FreshRSS could not update user!'); } +if (!empty($options['api_password'])) { + $error = FreshRSS_api_Controller::updatePassword($options['api_password']); + if ($error) { + fail($error); + } +} + invalidateHttpCache($username); accessRights(); |