mirror/FreshRSS
0
0
Fork 0
mirror of https://github.com/FreshRSS/FreshRSS.git synced 2026-04-11 18:07:43 -04:00
Code Issues Packages Projects Releases Wiki Activity

Fix CLI api_password (#3179)

Browse Source 
* Fix CLI api_password

#fix https://github.com/FreshRSS/FreshRSS/issues/3177
Fix regression from https://github.com/FreshRSS/FreshRSS/pull/2675

* Update cli/_update-or-create-user.php

Co-authored-by: oupala <oupala@users.noreply.github.com>

Co-authored-by: oupala <oupala@users.noreply.github.com>
This commit is contained in:
Alexandre Alapetite
2020-09-17 09:43:39 +02:00
committed by GitHub
parent f1fe2147a1
commit bb9b166eb1
4 changed files with 48 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

45
app/Controllers/apiController.php
View File

@@ -4,6 +4,31 @@
* This controller manage API-related features.
*/
class FreshRSS_api_Controller extends Minz_ActionController {
/**
* Update the user API password.
* Return an error message, or `false` if no error.
*/
public static function updatePassword($apiPasswordPlain) {
$username = Minz_Session::param('currentUser');
$userConfig = FreshRSS_Context::$user_conf;
$apiPasswordHash = FreshRSS_password_Util::hash($apiPasswordPlain);
$userConfig->apiPasswordHash = $apiPasswordHash;
$feverKey = FreshRSS_fever_Util::updateKey($username, $apiPasswordPlain);
if (!$feverKey) {
return _t('feedback.api.password.failed');
}
$userConfig->feverKey = $feverKey;
if ($userConfig->save()) {
return false;
} else {
return _t('feedback.api.password.failed');
}
}
/**
* This action updates the user API password.
*
@@ -22,26 +47,16 @@ class FreshRSS_api_Controller extends Minz_ActionController {
}
$apiPasswordPlain = Minz_Request::param('apiPasswordPlain', '', true);
$apiPasswordPlain = trim($apiPasswordPlain);
if ($apiPasswordPlain == '') {
Minz_Request::forward($return_url, true);
}
$username = Minz_Session::param('currentUser');
$userConfig = FreshRSS_Context::$user_conf;
$apiPasswordHash = FreshRSS_password_Util::hash($apiPasswordPlain);
$userConfig->apiPasswordHash = $apiPasswordHash;
$feverKey = FreshRSS_fever_Util::updateKey($username, $apiPasswordPlain);
if (!$feverKey) {
Minz_Request::bad(_t('feedback.api.password.failed'), $return_url);
}
$userConfig->feverKey = $feverKey;
if ($userConfig->save()) {
Minz_Request::good(_t('feedback.api.password.updated'), $return_url);
$error = self::updatePassword($apiPasswordPlain);
if ($error) {
Minz_Request::bad($error, $return_url);
} else {
Minz_Request::bad(_t('feedback.api.password.failed'), $return_url);
Minz_Request::good(_t('feedback.api.password.updated'), $return_url);
}
}
}