3aa102d0c3
This introduces the concept of API keys for use in the new REST API. A key is a string of 32 alphanumerical characters (32 is purely arbitrary, it can be changed easily). A user can have multiple keys (unlimited at the moment) Keys can be generated automatically, and then we have the possibility to delete or revoke each one individually. Test plan: 1/ Go to staff interface 2/ Go to a borrower page 3/ In toolbar, click on More -> Manage API keys 4/ Click on "Generate new key" multiple times, check that they are correctly displayed under the button, and they are active by default 5/ Revoke some keys, check that they are not active anymore 6/ Delete some keys, check that they disappear from table 7/ Go to opac interface, log in 8/ In your user account pages, you now have a new tab to the left "your API keys". Click on it. 9/ Repeat steps 4-6 Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Julian Maurice <julian.maurice@biblibre.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
96 lines
2.9 KiB
Perl
Executable file
96 lines
2.9 KiB
Perl
Executable file
#!/usr/bin/env perl
|
|
|
|
# Copyright 2015 BibLibre
|
|
#
|
|
# This file is part of Koha.
|
|
#
|
|
# Koha is free software; you can redistribute it and/or modify it under the
|
|
# terms of the GNU General Public License as published by the Free Software
|
|
# Foundation; either version 2 of the License, or (at your option) any later
|
|
# version.
|
|
#
|
|
# Koha is distributed in the hope that it will be useful, but WITHOUT ANY
|
|
# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
|
|
# A PARTICULAR PURPOSE. See the GNU General Public License for more details.
|
|
#
|
|
# You should have received a copy of the GNU General Public License along
|
|
# with Koha; if not, write to the Free Software Foundation, Inc.,
|
|
# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
|
|
|
use Modern::Perl;
|
|
|
|
use CGI;
|
|
use String::Random;
|
|
|
|
use C4::Auth;
|
|
use C4::Members;
|
|
use C4::Output;
|
|
use Koha::ApiKeys;
|
|
use Koha::ApiKey;
|
|
|
|
my $cgi = new CGI;
|
|
|
|
my ($template, $loggedinuser, $cookie) = get_template_and_user({
|
|
template_name => 'members/apikeys.tt',
|
|
query => $cgi,
|
|
type => 'intranet',
|
|
authnotrequired => 0,
|
|
flagsrequired => {borrowers => 1},
|
|
});
|
|
|
|
my $borrowernumber = $cgi->param('borrowernumber');
|
|
my $borrower = C4::Members::GetMember(borrowernumber => $borrowernumber);
|
|
my $op = $cgi->param('op');
|
|
|
|
if ($op) {
|
|
if ($op eq 'generate') {
|
|
my $apikey = new Koha::ApiKey;
|
|
$apikey->borrowernumber($borrowernumber);
|
|
$apikey->api_key(String::Random->new->randregex('[a-zA-Z0-9]{32}'));
|
|
$apikey->store;
|
|
print $cgi->redirect('/cgi-bin/koha/members/apikeys.pl?borrowernumber=' . $borrowernumber);
|
|
exit;
|
|
}
|
|
|
|
if ($op eq 'delete') {
|
|
my $key = $cgi->param('key');
|
|
my $api_key = Koha::ApiKeys->find({borrowernumber => $borrowernumber, api_key => $key});
|
|
if ($api_key) {
|
|
$api_key->delete;
|
|
}
|
|
print $cgi->redirect('/cgi-bin/koha/members/apikeys.pl?borrowernumber=' . $borrowernumber);
|
|
exit;
|
|
}
|
|
|
|
if ($op eq 'revoke') {
|
|
my $key = $cgi->param('key');
|
|
my $api_key = Koha::ApiKeys->find({borrowernumber => $borrowernumber, api_key => $key});
|
|
if ($api_key) {
|
|
$api_key->active(0);
|
|
$api_key->store;
|
|
}
|
|
print $cgi->redirect('/cgi-bin/koha/members/apikeys.pl?borrowernumber=' . $borrowernumber);
|
|
exit;
|
|
}
|
|
|
|
if ($op eq 'activate') {
|
|
my $key = $cgi->param('key');
|
|
my $api_key = Koha::ApiKeys->find({borrowernumber => $borrowernumber, api_key => $key});
|
|
if ($api_key) {
|
|
$api_key->active(1);
|
|
$api_key->store;
|
|
}
|
|
print $cgi->redirect('/cgi-bin/koha/members/apikeys.pl?borrowernumber=' . $borrowernumber);
|
|
exit;
|
|
}
|
|
}
|
|
|
|
my @api_keys = Koha::ApiKeys->search({borrowernumber => $borrowernumber});
|
|
|
|
$template->param(
|
|
api_keys => \@api_keys,
|
|
borrower => $borrower,
|
|
borrowernumber => $borrowernumber,
|
|
);
|
|
|
|
output_html_with_http_headers $cgi, $cookie, $template->output;
|