From d0f1f9f141a58e090d210c221a7c1745378b96a3 Mon Sep 17 00:00:00 2001 From: Marien Fressinaud Date: Tue, 3 Dec 2019 23:11:06 +0100 Subject: Separate the update API password endpoint (#2675) * Extract hashPassword method from userController * Extract and refactor fever key-related methods * Move update of API password to dedicated action * Simplify the controller by refactoring feverUtil * Add locales --- app/Controllers/apiController.php | 47 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 47 insertions(+) create mode 100644 app/Controllers/apiController.php (limited to 'app/Controllers/apiController.php') diff --git a/app/Controllers/apiController.php b/app/Controllers/apiController.php new file mode 100644 index 000000000..d096ba83f --- /dev/null +++ b/app/Controllers/apiController.php @@ -0,0 +1,47 @@ + 'user', 'a' => 'profile'); + + if (!Minz_Request::isPost()) { + Minz_Request::forward($return_url, true); + } + + $apiPasswordPlain = Minz_Request::param('apiPasswordPlain', '', true); + if ($apiPasswordPlain == '') { + Minz_Request::forward($return_url, true); + } + + $username = Minz_Session::param('currentUser'); + $userConfig = FreshRSS_Context::$user_conf; + + $apiPasswordHash = FreshRSS_password_Util::hash($apiPasswordPlain); + $userConfig->apiPasswordHash = $apiPasswordHash; + + $feverKey = FreshRSS_fever_Util::updateKey($username, $apiPasswordPlain); + if (!$feverKey) { + Minz_Request::bad(_t('feedback.api.password.failed'), $return_url); + } + + $userConfig->feverKey = $feverKey; + if ($userConfig->save()) { + Minz_Request::good(_t('feedback.api.password.updated'), $return_url); + } else { + Minz_Request::bad(_t('feedback.api.password.failed'), $return_url); + } + } +} -- cgit v1.2.3