Fix FLEXIAPI-264 Add -k|api_key_ip parameter to accounts:create-admin-account...

Timothée Jaussoin 2025-02-03 16:24:39 +00:00
parent 1b1df7eef8
commit 1ba3834f40
7 changed files with 13 additions and 12 deletions


@ -15,6 +15,7 @@ v1.7
- Fix FLEXIAPI-257 Return a more coherent message when search API endpoints returns a 404 - Fix FLEXIAPI-257 Return a more coherent message when search API endpoints returns a 404
- Fix FLEXIAPI-260 Return 404 and not 403 if the contact is already in the list or missing when removing it - Fix FLEXIAPI-260 Return 404 and not 403 if the contact is already in the list or missing when removing it
- Fix FLEXIAPI-262 Bypass the JWT auth if we have an API Key - Fix FLEXIAPI-262 Bypass the JWT auth if we have an API Key
- Fix FLEXIAPI-264 Add -k|api_key_ip parameter to accounts:create-admin-account to set/clear the related API Key restriction
v1.6 v1.6
---- ----


@ -41,11 +41,11 @@ Create or update a Space, required to then create accounts afterward. The `super
### Create an admin account ### Create an admin account
Create an admin account, an API Key will also be generated along the way, it might expire after a while. Create an admin account, an API Key will also be generated along the way, it might expire after a while (regarding the API Key expiration policy). An empty `api_key_ip` will remove the IP restriction on the key.
If no parameters are put, a default admin account will be created. If no parameters are put, a default admin account will be created.
php artisan accounts:create-admin-account {-u|username=} {-p|password=} {-d|domain=} php artisan accounts:create-admin-account {-u|username=} {-p|password=} {-d|domain=} {-k|api_key_ip=}
### Clear the expired API Keys ### Clear the expired API Keys


@ -352,7 +352,7 @@ class Account extends Authenticatable
return ($this->activationExpiration && $this->activationExpiration->isExpired()); return ($this->activationExpiration && $this->activationExpiration->isExpired());
} }
public function generateApiKey(?Request $request = null): ApiKey public function generateApiKey(?string $ip = null): ApiKey
{ {
$this->apiKey()->delete(); $this->apiKey()->delete();
@ -360,7 +360,7 @@ class Account extends Authenticatable
$apiKey->account_id = $this->id; $apiKey->account_id = $this->id;
$apiKey->last_used_at = Carbon::now(); $apiKey->last_used_at = Carbon::now();
$apiKey->key = Str::random(40); $apiKey->key = Str::random(40);
$apiKey->ip = $request ? $request->ip() : '127.0.0.1'; $apiKey->ip = $ip;
$apiKey->save(); $apiKey->save();
return $apiKey; return $apiKey;
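Review bot: With `?string $ip = null` as the default in `generateApiKey()`, any caller that omits the argument now gets a key with no IP restriction, whereas the removed fallback pinned such keys to `127.0.0.1`. The call sites updated in this commit all pass a value, but callers outside this diff (tests, seeders, other commands) would silently move from loopback-only to what the README and CLI message in this commit describe as "any" address. Consider dropping the default so the choice is explicit at every call, `public function generateApiKey(?string $ip): ApiKey`, or at least add a docblock stating that `null` leaves the key unrestricted. The method body continues past the end of the second hunk.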


@ -27,8 +27,8 @@ use App\Space;
class CreateAdminAccount extends Command class CreateAdminAccount extends Command
{ {
protected $signature = 'accounts:create-admin-account {--u|username=} {--p|password=} {--d|domain=}'; protected $signature = 'accounts:create-admin-account {--u|username=} {--p|password=} {--d|domain=} {--k|api_key_ip=}';
protected $description = 'Create an admin account'; protected $description = 'Create an admin account and generate an API Key';
public function __construct() public function __construct()
{ {
@ -90,10 +90,10 @@ class CreateAdminAccount extends Command
$account->created_at = Carbon::now()->subYears(3); $account->created_at = Carbon::now()->subYears(3);
$account->save(); $account->save();
$account->generateApiKey(); $account->generateApiKey(ip: $this->option('api_key_ip') ?? null);
$account->updatePassword($password); $account->updatePassword($password);
$this->info('Admin test account created: "' . $username . '@' . $domain . '" | Password: "' . $password . '" | API Key: "' . $account->apiKey->key . '"'); $this->info('Admin test account created: "' . $username . '@' . $domain . '" | Password: "' . $password . '" | API Key: "' . $account->apiKey->key . '" (valid on ' . ($account->apiKey->ip ?? 'any') . ' ip)');
return 0; return 0;
} }
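Review bot: In the `generateApiKey(ip: $this->option('api_key_ip') ?? null)` call the `?? null` is a no-op, and the option value is stored without normalisation or validation. An explicitly empty `--api_key_ip=` is likely to arrive as `''` rather than `null` (worth confirming against the console parser), so the row would hold an empty string and the `?? 'any'` in the info message would not fire; a mistyped address would also be saved as-is and leave the admin key wrongly scoped. Suggest `$ip = $this->option('api_key_ip') ?: null;` and rejecting the input when `$ip !== null && filter_var($ip, FILTER_VALIDATE_IP) === false`. It is also worth stating in the command description that omitting `-k` yields an admin key with no IP restriction. The enclosing method starts outside this hunk.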


@ -34,7 +34,7 @@ class ApiKeyController extends Controller
public function update(Request $request) public function update(Request $request)
{ {
$account = $request->user(); $account = $request->user();
$account->generateApiKey($request); $account->generateApiKey($request->ip());
return redirect()->back(); return redirect()->back();
} }
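Review bot: The address bound to the key at `generateApiKey($request->ip())` is only the real client address if the application's trusted-proxy configuration matches the deployment; the same applies to the two `$request->ip()` calls in the API `ApiKeyController` hunks that follow. Behind a reverse proxy that is not trusted, every key would be tied to the proxy's address, and with an over-broad trust list the value can be influenced through forwarding headers (inferred; the proxy setup is not visible on this page). Now that the IP is resolved at the call site, a short comment such as `// client IP as resolved through the trusted-proxy configuration` would make that dependency visible to the next reader.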


@ -29,7 +29,7 @@ class ApiKeyController extends Controller
public function generate(Request $request) public function generate(Request $request)
{ {
$account = $request->user(); $account = $request->user();
$account->generateApiKey($request); $account->generateApiKey($request->ip());
$account->refresh(); $account->refresh();
Cookie::queue('x-api-key', $account->apiKey->key, config('app.api_key_expiration_minutes')); Cookie::queue('x-api-key', $account->apiKey->key, config('app.api_key_expiration_minutes'));
@ -42,7 +42,7 @@ class ApiKeyController extends Controller
$authToken = AuthToken::where('token', $token)->valid()->firstOrFail(); $authToken = AuthToken::where('token', $token)->valid()->firstOrFail();
if ($authToken->account) { if ($authToken->account) {
$authToken->account->generateApiKey($request); $authToken->account->generateApiKey($request->ip());
$authToken->account->refresh(); $authToken->account->refresh();
Cookie::queue('x-api-key', $authToken->account->apiKey->key, config('app.api_key_expiration_minutes')); Cookie::queue('x-api-key', $authToken->account->apiKey->key, config('app.api_key_expiration_minutes'));


@ -38,7 +38,7 @@
{{ $account->apiKey->last_used_at }} {{ $account->apiKey->last_used_at }}
</td> </td>
<td> <td>
{{ $account->apiKey->ip ?? '-' }} {{ $account->apiKey->ip ?? '*' }}
</td> </td>
<td> <td>
{{ $account->apiKey->requests }} {{ $account->apiKey->requests }}