Implement api token generation in settings (#6)

app/Http/Controllers/App/UserSettingsController.php

@@ -10,6 +10,7 @@ use Illuminate\Http\Request;
 use Illuminate\Support\Facades\Auth;
 use Illuminate\Support\Facades\Hash;
 use Illuminate\Support\Facades\Validator;
+use Illuminate\Support\Str;
 
 /**
  * Class UserSettingsController
@@ -118,4 +119,23 @@ class UserSettingsController extends Controller
         alert(trans('settings.password_updated'), 'success');
         return redirect()->back();
     }
+
+    /**
+     * Generate a new API token for the current user
+     *
+     * @param Request $request
+     * @return \Illuminate\Http\JsonResponse
+     */
+    public function generateApiToken(Request $request)
+    {
+        $new_token = Str::random(32);
+
+        $user = auth()->user();
+        $user->api_token = $new_token;
+        $user->save();
+
+        return response()->json([
+            'new_token' => $new_token,
+        ]);
+    }
 }

app/Models/User.php

@@ -30,6 +30,7 @@ class User extends Authenticatable
         'name',
         'email',
         'password',
+        'api_token',
     ];
 
     /**

database/migrations/2019_02_07_223113_add_user_api_token.php

@@ -0,0 +1,32 @@
+<?php
+
+use Illuminate\Support\Facades\Schema;
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Database\Migrations\Migration;
+
+class AddUserApiToken extends Migration
+{
+    /**
+     * Run the migrations.
+     *
+     * @return void
+     */
+    public function up()
+    {
+        Schema::table('users', function (Blueprint $table) {
+            $table->string('api_token')->nullable()->after('remember_token');
+        });
+    }
+
+    /**
+     * Reverse the migrations.
+     *
+     * @return void
+     */
+    public function down()
+    {
+        Schema::table('users', function (Blueprint $table) {
+            $table->dropColumn('api_token');
+        });
+    }
+}

resources/lang/en/settings.php

@@ -33,4 +33,11 @@ return [
     'new_password2' => 'Repeat new Password',
     'password_updated' => 'Password changed successfully!',
     'old_password_invalid' => 'The old password is not valid!',
+
+    'api_token' => 'API Token',
+    'api_token_generate' => 'Generate Token',
+    'api_token_generate_confirm' => 'Do you really want to generate a new token?',
+    'api_token_help' => 'The API token can be used to access LinkAce from other application or scripts as well as running the cron job which checks links if they exist and runs the backup tasks.',
+    'api_token_generate_info' => 'Caution: If you already have an API token, generating a new one will break all existing integrations as well as the cron job!',
+    'api_token_generate_failure' => 'A new API token could not be generated. Please check your browser console and application logs for more information.',
 ];

resources/views/actions/settings/partials/api.blade.php

@@ -0,0 +1,61 @@
+<div class="card mt-4">
+    <div class="card-header">
+        @lang('settings.api_token')
+    </div>
+    <div class="card-body">
+
+        <p>@lang('settings.api_token_help')</p>
+
+        <div class="input-group mb-3">
+            <input type="text" id="api-token" class="form-control" value="{{ auth()->user()->api_token ?? '' }}"
+                readonly aria-readonly="true" aria-label="@lang('settings.api_token_generate')"
+                aria-describedby="api-token-generate">
+            <div class="input-group-append">
+                <button class="btn btn-outline-danger" type="button" id="api-token-generate">
+                    <i class="fa fa-recycle mr-1"></i> @lang('settings.api_token_generate')
+                </button>
+            </div>
+        </div>
+
+        <p id="api-token-generate-failure" class="small text-danger" style="display:none">
+            @lang('settings.api_token_generate_failure')
+        </p>
+
+        <p class="small text-warning">@lang('settings.api_token_generate_info')</p>
+
+    </div>
+</div>
+
+@push('scripts')
+    <script>
+        $('#api-token-generate').click(function (e) {
+            var $btn = $(e.currentTarget);
+            $btn.prop('disabled', true);
+
+            if (confirm('@lang('settings.api_token_generate_confirm')')) {
+
+                $.ajax({
+                    method: 'POST',
+                    url: '{{ route('generate-api-token') }}',
+                    dataType: 'json',
+                    data: {_token: '{{ csrf_token() }}'}
+                }).done(function (response) {
+                    if (typeof response.new_token !== 'undefined') {
+                        $('#api-token').val(response.new_token);
+
+                        window.setTimeout(function () {
+                            $btn.prop('disabled', false);
+                        }, 5000);
+                    } else {
+                        $('#api-token-generate-failure').show();
+                    }
+                }).fail(function () {
+                    $('#api-token-generate-failure').show();
+                });
+
+            } else {
+                $btn.prop('disabled', false);
+            }
+        });
+    </script>
+@endpush

resources/views/actions/settings/user.blade.php

@@ -4,6 +4,8 @@
 
     @include('actions.settings.partials.bookmarklet')
 
+    @include('actions.settings.partials.api')
+
     @include('actions.settings.partials.account-settings')
 
     @include('actions.settings.partials.change-pw')

routes/web.php

@@ -61,6 +61,7 @@ Route::group(['middleware' => ['auth']], function () {
     Route::post('settings/account', 'App\UserSettingsController@saveAccountSettings')->name('save-settings-account');
     Route::post('settings/app', 'App\UserSettingsController@saveAppSettings')->name('save-settings-app');
     Route::post('settings/change-password', 'App\UserSettingsController@changeUserPassword')->name('change-user-password');
+    Route::post('settings/generate-api-token', 'App\UserSettingsController@generateApiToken')->name('generate-api-token');
 
     Route::post('ajax/tags', 'API\AjaxController@getTags')->name('ajax-tags');
 });