From b8f7532e5c7e8b8be3ab199fca3dadd0d22be4cd Mon Sep 17 00:00:00 2001
From: Frederic Guillot <fred@kanboard.net>
Date: Sat, 3 Dec 2016 15:43:36 -0500
Subject: Add personal API access token

---
 app/Controller/UserApiAccessController.php | 50 ++++++++++++++++++++++++++++++
 1 file changed, 50 insertions(+)
 create mode 100644 app/Controller/UserApiAccessController.php

(limited to 'app/Controller/UserApiAccessController.php')

diff --git a/app/Controller/UserApiAccessController.php b/app/Controller/UserApiAccessController.php
new file mode 100644
index 00000000..e03514d5
--- /dev/null
+++ b/app/Controller/UserApiAccessController.php
@@ -0,0 +1,50 @@
+<?php
+
+namespace Kanboard\Controller;
+
+use Kanboard\Core\Security\Token;
+
+/**
+ * Class UserApiAccessController
+ *
+ * @package Kanboard\Controller
+ * @author  Frederic Guillot
+ */
+class UserApiAccessController extends BaseController
+{
+    public function show()
+    {
+        $user = $this->getUser();
+
+        return $this->response->html($this->helper->layout->user('user_api_access/show', array(
+            'user'  => $user,
+            'title' => t('API User Access'),
+        )));
+    }
+
+    public function generate()
+    {
+        $user = $this->getUser();
+        $this->checkCSRFParam();
+
+        $this->userModel->update(array(
+            'id' => $user['id'],
+            'api_access_token' => Token::getToken(),
+        ));
+
+        $this->response->redirect($this->helper->url->to('UserApiAccessController', 'show', array('user_id' => $user['id'])));
+    }
+
+    public function remove()
+    {
+        $user = $this->getUser();
+        $this->checkCSRFParam();
+
+        $this->userModel->update(array(
+            'id' => $user['id'],
+            'api_access_token' => null,
+        ));
+
+        $this->response->redirect($this->helper->url->to('UserApiAccessController', 'show', array('user_id' => $user['id'])));
+    }
+}
\ No newline at end of file
-- 
cgit v1.2.3