commit d440eb914b0808a88d1ca09f09897fb51a2cd662
parent a6afd6d787ede0137a1e898bf525b448f4883d99
Author: n0tr1v <n0tr1v@protonmail.com>
Date: Sat, 10 Jun 2023 07:58:16 -0700
api key page
Diffstat:
5 files changed, 69 insertions(+), 0 deletions(-)
diff --git a/pkg/web/handlers/data.go b/pkg/web/handlers/data.go
@@ -727,6 +727,12 @@ type WrapperSession struct {
CurrentSession bool
}
+type settingsAPIData struct {
+ ActiveTab string
+ APIKey string
+ NeedConfirm bool
+}
+
type settingsSecurityData struct {
ActiveTab string
Logs []database.SecurityLog
diff --git a/pkg/web/handlers/handlers.go b/pkg/web/handlers/handlers.go
@@ -2835,6 +2835,29 @@ func SettingsInboxSentHandler(c echo.Context) error {
return c.Render(http.StatusOK, "settings.inbox-sent", data)
}
+func SettingsAPIHandler(c echo.Context) error {
+ authUser := c.Get("authUser").(*database.User)
+ db := c.Get("database").(*database.DkfDB)
+ var data settingsAPIData
+ data.ActiveTab = "api"
+ data.APIKey = authUser.ApiKey
+ if c.Request().Method == http.MethodPost {
+ formName := c.Request().PostFormValue("formName")
+ btnSubmit := c.Request().PostFormValue("btn_submit")
+ if btnSubmit == "Cancel" {
+ return c.Redirect(http.StatusFound, c.Request().Referer())
+ }
+ if formName == "confirm" {
+ token := utils.GenerateToken32()
+ authUser.ApiKey = token
+ authUser.DoSave(db)
+ return c.Redirect(http.StatusFound, c.Request().Referer())
+ }
+ data.NeedConfirm = true
+ }
+ return c.Render(http.StatusOK, "settings.api", data)
+}
+
func SettingsSecurityHandler(c echo.Context) error {
authUser := c.Get("authUser").(*database.User)
db := c.Get("database").(*database.DkfDB)
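Review bot: Both redirects in SettingsAPIHandler use `c.Request().Referer()`, a header the client controls and that privacy settings or a Referrer-Policy can strip, so the Location may be empty or point off-site. Redirecting to the fixed path is safer: `return c.Redirect(http.StatusFound, "/settings/api")`. The result of `authUser.DoSave(db)` is not checked, so if DoSave can report failure (its signature is not visible here) a failed write would still redirect as though the key had been rotated. The key is also replaced without re-authentication or a security-log entry; consider both if the key grants meaningful access, which this hunk does not show.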
diff --git a/pkg/web/public/views/pages/settings/api.gohtml b/pkg/web/public/views/pages/settings/api.gohtml
@@ -0,0 +1,36 @@
+{{ define "sub-content" }}
+ {{ if .Data.NeedConfirm }}
+ <div class="card mb-3">
+ <div class="card-header">
+ API
+ </div>
+ <div class="card-body">
+ <form method="post">
+ <input type="hidden" name="csrf" value="{{ .CSRF }}" />
+ <input type="hidden" name="formName" value="confirm" />
+ <input name="btn_submit" type="submit" value="Confirm" class="btn btn-primary" />
+ <input name="btn_submit" type="submit" value="Cancel" class="btn btn-danger" />
+ </form>
+ </div>
+ </div>
+ {{ else }}
+ <div class="card mb-3">
+ <div class="card-header">
+ API
+ </div>
+ <div class="card-body">
+ <form method="post">
+ <input type="hidden" name="csrf" value="{{ .CSRF }}" />
+ <input type="hidden" name="formName" value="" />
+ <div class="form-group">
+ <label>{{ t "API key" . }}</label>
+ <input name="api_key" placeholder="API key" value="{{ .Data.APIKey }}" class="form-control" type="text" readonly />
+ </div>
+ <div class="form-group">
+ <input type="submit" value="Generate new key" class="btn btn-primary" />
+ </div>
+ </form>
+ </div>
+ </div>
+ {{ end }}
+{{ end }}
+\ No newline at end of file
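Review bot: The current key is written in full into the read-only `api_key` input on every GET of this page, so the server must keep it in recoverable form and it ends up in any cached or saved copy of the page. Consider showing the key only once, right after generation, and storing a hash. At minimum add `autocomplete="off"` to the input and serve the page with `Cache-Control: no-store`; whether such a header is already set is not visible in this hunk. The confirm card also does not say what is being confirmed; a line such as `<p>{{ t "Generating a new key invalidates the current one." . }}</p>` above the buttons would tell the user that existing clients will stop working.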
diff --git a/pkg/web/public/views/pages/settings/index.gohtml b/pkg/web/public/views/pages/settings/index.gohtml
@@ -18,6 +18,7 @@
<a href="/settings/chat" class="list-group-item list-group-item-action{{ if eq .Data.ActiveTab "chat" }} active{{ end }}">{{ t "Chat settings" . }}</a>
<a href="/settings/pgp" class="list-group-item list-group-item-action{{ if eq .Data.ActiveTab "pgp" }} active{{ end }}">{{ t "PGP" . }}</a>
<a href="/settings/age" class="list-group-item list-group-item-action{{ if eq .Data.ActiveTab "age" }} active{{ end }}">{{ t "Age" . }}</a>
+ <a href="/settings/api" class="list-group-item list-group-item-action{{ if eq .Data.ActiveTab "api" }} active{{ end }}">{{ t "API" . }}</a>
</div>
</div>
diff --git a/pkg/web/web.go b/pkg/web/web.go
@@ -115,6 +115,8 @@ func getMainServer(db *database.DkfDB, i18nBundle *i18n.Bundle, renderer *tmp.Te
authGroup.POST("/settings/private-notes", handlers.SettingsPrivateNotesHandler)
authGroup.GET("/settings/sessions", handlers.SettingsSessionsHandler)
authGroup.POST("/settings/sessions", handlers.SettingsSessionsHandler)
+ authGroup.GET("/settings/api", handlers.SettingsAPIHandler)
+ authGroup.POST("/settings/api", handlers.SettingsAPIHandler)
authGroup.GET("/settings/security", handlers.SettingsSecurityHandler)
authGroup.GET("/settings/account", handlers.SettingsAccountHandler)
authGroup.POST("/settings/account", handlers.SettingsAccountHandler, middlewares.AuthRateLimitMiddleware(2*time.Second, 1))
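Review bot: `POST /settings/api` is registered without a rate limiter, while `POST /settings/account` three lines below passes `middlewares.AuthRateLimitMiddleware(2*time.Second, 1)`. Each confirmed POST generates a new token and writes the user row, so the same limiter fits here: `authGroup.POST("/settings/api", handlers.SettingsAPIHandler, middlewares.AuthRateLimitMiddleware(2*time.Second, 1))`. getMainServer starts and ends outside this hunk, so a limiter applied at group level elsewhere would make this unnecessary.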