Start working on token services

9 years ago · 97d7f2d849
parent f84207cc44
commit 97d7f2d849
4 changed files with 53 additions and 0 deletions
--- a/install/mods-for-hesk/sql/installSql.php
+++ b/install/mods-for-hesk/sql/installSql.php
@ -702,5 +702,9 @@ function execute260Scripts()
    hesk_dbConnect();

    executeQuery("INSERT INTO `" . hesk_dbEscape($hesk_settings['db_pfix']) . "settings` (`Key`, `Value`) VALUES ('public_api', '1')");
+    executeQuery("CREATE TABLE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "user_api_tokens` (
+      `id` INT NOT NULL AUTO_INCREMENT PRIMARY KEY,
+      `user_id` INT NOT NULL,
+      `token` VARCHAR(500) NOT NULL) ENGINE = MyISAM  DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci");
    executeQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "settings` SET `Value` = '2.6.0' WHERE `Key` = 'modsForHeskVersion'");
 }
--- a/internal-api/admin/api-authentication/index.php
+++ b/internal-api/admin/api-authentication/index.php
@ -0,0 +1,36 @@
+<?php
+define('IN_SCRIPT', 1);
+define('HESK_PATH', '../../../');
+define('INTERNAL_API_PATH', '../../');
+require_once(HESK_PATH . 'hesk_settings.inc.php');
+require_once(HESK_PATH . 'inc/common.inc.php');
+require_once(INTERNAL_API_PATH . 'core/output.php');
+require_once(INTERNAL_API_PATH . 'dao/api_authentication_dao.php');
+
+hesk_load_internal_api_database_functions();
+hesk_dbConnect();
+
+// Routing
+$request_method = $_SERVER['REQUEST_METHOD'];
+if ($request_method == 'POST') {
+    $user_id = $_POST['userId'];
+    $action = $_POST['action'];
+
+    if ($user_id == NULL || $action == NULL) {
+        return http_response_code(400);
+    }
+
+    if ($action == 'generate') {
+        $hash = hash("sha512", time());
+        store_token($user_id, $hash, $hesk_settings);
+
+        output($hash);
+        return http_response_code(200);
+    } elseif ($action == 'reset') {
+        //TODO
+    } else {
+        return http_response_code(400);
+    }
+}
+
+return http_response_code(405);
--- a/internal-api/dao/api_authentication_dao.php
+++ b/internal-api/dao/api_authentication_dao.php
@ -0,0 +1,5 @@
+<?php
+
+function store_token($user_id, $token_hash, $hesk_settings) {
+    //TODO
+}
--- a/internal-api/js/api-settings.js
+++ b/internal-api/js/api-settings.js
@ -49,4 +49,12 @@ function updatePublicApi(enable) {
            $('#public-api-failure').removeClass('hide');
        }
    });
+}
+
+function generateToken(userId) {
+    alert(userId);
+}
+
+function clearTokens(userId) {
+    alert(userId);
 }