blob: 7843a33f1901cc3339d03ceaf70c41375b3da934 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
|
<?php
/**
* This controller manage API-related features.
*/
class FreshRSS_api_Controller extends FreshRSS_ActionController {
/**
* Update the user API password.
* Return an error message, or `false` if no error.
*/
public static function updatePassword($apiPasswordPlain) {
$username = Minz_Session::param('currentUser');
$userConfig = FreshRSS_Context::$user_conf;
$apiPasswordHash = FreshRSS_password_Util::hash($apiPasswordPlain);
$userConfig->apiPasswordHash = $apiPasswordHash;
$feverKey = FreshRSS_fever_Util::updateKey($username, $apiPasswordPlain);
if (!$feverKey) {
return _t('feedback.api.password.failed');
}
$userConfig->feverKey = $feverKey;
if ($userConfig->save()) {
return false;
} else {
return _t('feedback.api.password.failed');
}
}
/**
* This action updates the user API password.
*
* Parameter is:
* - apiPasswordPlain: the new user password
*/
public function updatePasswordAction() {
if (!FreshRSS_Auth::hasAccess()) {
Minz_Error::error(403);
}
$return_url = array('c' => 'user', 'a' => 'profile');
if (!Minz_Request::isPost()) {
Minz_Request::forward($return_url, true);
}
$apiPasswordPlain = Minz_Request::param('apiPasswordPlain', '', true);
$apiPasswordPlain = trim($apiPasswordPlain);
if ($apiPasswordPlain == '') {
Minz_Request::forward($return_url, true);
}
$error = self::updatePassword($apiPasswordPlain);
if ($error) {
Minz_Request::bad($error, $return_url);
} else {
Minz_Request::good(_t('feedback.api.password.updated'), $return_url);
}
}
}
|
