mirror/librenms-librenms
1
0
Fork 0
mirror of https://github.com/librenms/librenms.git synced 2024-10-07 16:52:45 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Updated create token to auto-generate token

Browse Source
This commit is contained in:
laf
2014-10-06 17:19:04 +01:00
parent 22f2f9e045
commit 794c33e57b
3 changed files with 84 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

44
html/forms/token-item-create.inc.php Normal file
View File

@@ -0,0 +1,44 @@
<?php
/*
* LibreNMS
*
* Copyright (c) 2014 Neil Lathwood <https://github.com/laf/ http://www.lathwood.co.uk/fa>
*
* This program is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
* Free Software Foundation, either version 3 of the License, or (at your
* option) any later version. Please see LICENSE.txt at the top level of
* the source code distribution for details.
*/
if(!is_numeric($_POST['user_id']) || !isset($_POST['token']))
{
echo('ERROR: error with data, please ensure a valid user and token have been specified.');
exit;
}
elseif(strlen($_POST['token']) > 32)
{
echo('ERROR: The token is more than 32 characters');
exit;
}
elseif(strlen($_POST['token']) < 16)
{
echo('ERROR: The token is less than 16 characters');
exit;
}
else
{
$create = dbInsert(array('user_id' => $_POST['user_id'], 'token_hash' => $_POST['token'], 'description' => $_POST['description']), 'api_tokens');
if($create > '0')
{
echo('API token has been created');
$_SESSION['api_token'] = TRUE;
exit;
}
else
{
echo('ERROR: An error occurred creating the API token');
exit;
}
}

36
html/forms/token-item-remove.inc.php Normal file
View File

@@ -0,0 +1,36 @@
<?php
/*
* LibreNMS
*
* Copyright (c) 2014 Neil Lathwood <https://github.com/laf/ http://www.lathwood.co.uk/fa>
*
* This program is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
* Free Software Foundation, either version 3 of the License, or (at your
* option) any later version. Please see LICENSE.txt at the top level of
* the source code distribution for details.
*/
if(!is_numeric($_POST['token_id']))
{
echo('error with data');
exit;
}
else
{
if($_POST['confirm'] == 'yes')
{
$delete = dbDelete('api_tokens', '`id` = ?', array($_POST['token_id']));
if($delete > '0')
{
echo('API token has been removed');
exit;
}
else
{
echo('An error occurred removing the API token');
exit;
}
}
}

6
html/pages/api-access.inc.php
View File

@@ -14,6 +14,9 @@
if ($_SESSION['userlevel'] == '10')
{
if(empty($_POST['token'])) {
$_POST['token'] = bin2hex(openssl_random_pseudo_bytes(16));
}
?>
<div class="modal fade" id="confirm-delete" tabindex="-1" role="dialog" aria-labelledby="Delete" aria-hidden="true">
<div class="modal-dialog modal-sm">
@@ -64,10 +67,9 @@ foreach (dbFetchRows("SELECT user_id,username FROM `users` WHERE `level` >= '10'
<div class="form-group">
<label for="token" class="col-sm-2 control-label">Token: </label>
<div class="col-sm-8">
<input type="text" class="form-control" id="token" name="token" value="<?php echo $_POST['token'];?>">
<input type="text" class="form-control" id="token" name="token" value="<?php echo $_POST['token'];?>" disabled>
</div>
<div class="col-sm-2">
<button type="button" class="btn btn-success btn-sm" name="pass-gen" id="pass-gen">Generate</button>
</div>
</div>
<div class="form-group">