Fix #136 Refactor the activation_key integration

Timothée Jaussoin 2023-12-20 11:02:34 +00:00
parent 63002e5c2c
commit 3649dde4f3
7 changed files with 41 additions and 49 deletions


@ -38,8 +38,8 @@ class Account extends Authenticatable
use HasFactory;
use Compoships;
protected $with = ['passwords', 'admin', 'alias', 'currentRecoveryCode', 'activationExpiration', 'emailChangeCode', 'types', 'actions'];
protected $hidden = ['alias', 'expire_time', 'confirmation_key', 'pivot'];
protected $with = ['passwords', 'admin', 'alias', 'activationExpiration', 'emailChangeCode', 'types', 'actions'];
protected $hidden = ['alias', 'expire_time', 'confirmation_key', 'pivot', 'currentProvisioningToken', 'currentRecoveryCode'];
protected $appends = ['realm', 'phone', 'confirmation_key_expires', 'provisioning_token'];
protected $casts = [
'activated' => 'boolean',
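Review bot: Adding the `currentProvisioningToken` and `currentRecoveryCode` relations to `$hidden` does not hide the appended `provisioning_token` attribute on the `$appends` line, which is still absent from `$hidden` while `confirmation_key` is present there; appended accessors are serialized as their own top-level key regardless of whether the relation they read from is hidden. If the `provisioning_token` accessor returns the live token (it is not visible in this hunk, so confirm), every serialization of `Account` — user-facing `me` responses, admin listings — would still carry it, which defeats the point of hiding the relation. I would add it to the hidden list, `protected $hidden = ['alias', 'expire_time', 'confirmation_key', 'provisioning_token', 'pivot', 'currentProvisioningToken', 'currentRecoveryCode'];`, and call `makeVisible(['provisioning_token'])` only in the endpoints that are meant to hand the token out. The class body continues outside the hunk.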


@ -256,6 +256,9 @@ class AccountController extends Controller
return (new AccountService)->store($request);
}
/**
* Deprecated
*/
public function activateEmail(Request $request, string $sip)
{
$request->validate([
@ -277,6 +280,9 @@ class AccountController extends Controller
return $account;
}
/**
* Deprecated
*/
public function activatePhone(Request $request, string $sip)
{
$request->validate([
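Review bot: The new docblocks on `activateEmail` and `activatePhone` say "Deprecated" as free text, which neither IDEs nor static analysers pick up and which gives callers no migration target, even though the documentation in this same commit names the replacement endpoints. Use the PHPDoc tag with the replacement instead, e.g. `/** @deprecated Use POST /accounts/me/email/request instead. */` on `activateEmail` and `/** @deprecated Use POST /accounts/me/phone/request instead. */` on `activatePhone`. Since both remain publicly routed, the docblock is also a reasonable place to note when the route is scheduled for removal. Both method bodies continue outside the hunk.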


@ -225,12 +225,4 @@ class AccountController extends Controller
return Account::findOrFail($id)->contactsLists()->detach($contactsListId);
}
public function recoverByEmail(int $id)
{
$account = Account::findOrFail($id);
$account = (new AccountService)->recoverByEmail($account);
return $account->makeVisible(['confirmation_key', 'provisioning_token']);
}
}


@ -103,6 +103,10 @@ body.show_menu {
overflow: hidden;
}
ul {
margin-bottom: 1rem;
}
p,
a,
ul li,
@ -581,6 +585,10 @@ h3+p {
}
.badge.badge-error {
background-color: var(--color-pink);
}
.badge.badge-message {
background-color: var(--color-purple);
}


@ -144,7 +144,7 @@ Return `404` if the token is non existing or invalid.
## Accounts
### `POST /accounts/public`
### <span class="badge badge-message">Deprecated</span> `POST /accounts/public`
@if(!config('app.dangerous_endpoints'))<span class="badge">Disabled</span>@endif
@ -187,7 +187,7 @@ JSON parameters:
Retrieve public information about the account.
Return `404` if the account doesn't exists.
### `GET /accounts/{phone}/info-by-phone`
### <span class="badge badge-message">Deprecated</span> `GET /accounts/{phone}/info-by-phone`
@if(!config('app.dangerous_endpoints'))<span class="badge">Disabled</span>@endif
@ -199,7 +199,7 @@ Return `404` if the account doesn't exists.
Return `phone: true` if the returned account has a phone number.
### `POST /accounts/recover-by-phone`
### <span class="badge badge-message">Deprecated</span> `POST /accounts/recover-by-phone`
@if(!config('app.dangerous_endpoints'))<span class="badge">Disabled</span>@endif
@ -216,7 +216,7 @@ JSON parameters:
* `phone` required the phone number to send the SMS to
* `account_creation_token` the unique `account_creation_token`
### `GET /accounts/{sip}/recover/{recover_key}`
### <span class="badge badge-message">Deprecated</span> `GET /accounts/{sip}/recover/{recover_key}`
@if(!config('app.dangerous_endpoints'))<span class="badge">Disabled</span>@endif
@ -231,22 +231,28 @@ Return the account information (including the hashed password) if valid.
Return `404` if the account doesn't exists.
### `POST /accounts/{sip}/activate/email`
### <span class="badge badge-message">Deprecated</span> `POST /accounts/{sip}/activate/email`
<a href="#post-accountsmeemailrequest">Use `POST /accounts/me/email/request` instead</a>.
<span class="badge badge-success">Public</span>
Activate an account using a secret code received by email.
Return `404` if the account doesn't exists or if the code is incorrect, the validated account otherwise.
JSON parameters:
* `confirmation_key` the confirmation key
### `POST /accounts/{sip}/activate/phone`
### <span class="badge badge-message">Deprecated</span> `POST /accounts/{sip}/activate/phone`
<a href="#post-accountsmephonerequest">Use `POST /accounts/me/phone/request` instead</a>.
<span class="badge badge-success">Public</span>
Activate an account using a pin code received by phone.
Return `404` if the account doesn't exists or if the code is incorrect, the validated account otherwise.
JSON parameters:
* `confirmation_key` the PIN code
@ -293,6 +299,7 @@ Delete the account.
<span class="badge badge-info">User</span>
Change the account email. An email will be sent to the new email address to confirm the operation.
JSON parameters:
* `email` the new email address, must be unique if `ACCOUNT_EMAIL_UNIQUE` is set to `true`
@ -302,6 +309,7 @@ JSON parameters:
<span class="badge badge-info">User</span>
Change the account password.
JSON parameters:
* `algorithm` required, values can be `SHA-256` or `MD5`
@ -313,7 +321,8 @@ JSON parameters:
<span class="badge badge-warning">Admin</span>
To create an account directly from the API.
If `activated` is set to `false` a random generated `confirmation_key` and `provisioning_token` will be returned to allow further activation using the public endpoints and provision the account. Check `confirmation_key_expires` to also set an expiration date on that `confirmation_key`.
<span class="badge badge-message">Deprecated</span> If `activated` is set to `false` a random generated `confirmation_key` and `provisioning_token` will be returned to allow further activation using the public endpoints and provision the account. Check `confirmation_key_expires` to also set an expiration date on that `confirmation_key`.
JSON parameters:
@ -327,7 +336,7 @@ JSON parameters:
* `admin` optional, a boolean, set to `false` by default, create an admin account
* `phone` optional, a phone number, set a phone number to the account
* `dtmf_protocol` optional, values must be `sipinfo`, `sipmessage` or `rfc2833`
* `confirmation_key_expires` optional, a datetime of this format: Y-m-d H:i:s. Only used when `activated` is not used or `false`. Enforces an expiration date on the returned `confirmation_key`. After that datetime public email or phone activation endpoints will return `403`.
* <span class="badge badge-message">Deprecated</span> `confirmation_key_expires` optional, a datetime of this format: Y-m-d H:i:s. Only used when `activated` is not used or `false`. Enforces an expiration date on the returned `confirmation_key`. After that datetime public email or phone activation endpoints will return `403`.
### `PUT /accounts/{id}`
@ -358,12 +367,6 @@ Retrieve all the accounts, paginated.
Retrieve a specific account.
### `POST /accounts/{id}/recover-by-email`
<span class="badge badge-warning">Admin</span>
Send the account recovery email containing a fresh `provisioning_token` and `confirmation_key`
### `GET /accounts/{sip}/search`
<span class="badge badge-warning">Admin</span>
@ -407,6 +410,7 @@ Provision an account by generating a fresh `provisioning_token`.
<span class="badge badge-info">User</span>
Request a specific code by SMS
JSON parameters:
* `phone` the phone number to send the SMS
@ -415,12 +419,14 @@ JSON parameters:
<span class="badge badge-info">User</span>
Confirm the code received and change the phone number
Confirm the code received and change the phone number.
Activate the account.
JSON parameters:
* `code` the received SMS code
Return the updated account
Return the updated account.
## Accounts devices


@ -41,10 +41,11 @@ Route::post('accounts/with-account-creation-token', 'Api\Account\AccountControll
Route::get('accounts/{sip}/info', 'Api\Account\AccountController@info');
// Deprecated endpoints
Route::post('accounts/{sip}/activate/email', 'Api\Account\AccountController@activateEmail');
Route::post('accounts/{sip}/activate/phone', 'Api\Account\AccountController@activatePhone');
// /!\ Dangerous endpoints
// Deprecated endpoints /!\ Dangerous endpoints
Route::post('accounts/public', 'Api\Account\AccountController@storePublic');
Route::get('accounts/{sip}/recover/{recovery_key}', 'Api\Account\AccountController@recoverUsingKey');
Route::post('accounts/recover-by-phone', 'Api\Account\AccountController@recoverByPhone');
@ -71,6 +72,7 @@ Route::group(['middleware' => ['auth.digest_or_key']], function () {
Route::delete('devices/{uuid}', 'Api\Account\DeviceController@destroy');
Route::post('email/request', 'Api\Account\EmailController@requestUpdate');
Route::post('password', 'Api\Account\PasswordController@update');
Route::get('contacts/{sip}', 'Api\Account\ContactController@show');
@ -91,8 +93,6 @@ Route::group(['middleware' => ['auth.digest_or_key']], function () {
Route::get('{id}/deactivate', 'deactivate');
Route::get('{id}/provision', 'provision');
Route::post('{id}/recover-by-email', 'recoverByEmail');
Route::post('/', 'store');
Route::put('{id}', 'update');
Route::get('/', 'index');
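Review bot: In the first hunk the two `activate/email` and `activate/phone` routes are moved under a `// Deprecated endpoints` comment but, unlike the block labelled `// Deprecated endpoints /!\ Dangerous endpoints` (which the docs mark as disabled unless `app.dangerous_endpoints` is set), nothing on the visible lines gates them, so they stay reachable as unauthenticated activation paths that accept a confirmation key indefinitely. Deprecated secret-bearing public routes should either sit behind the same config flag or carry a removal date, otherwise the deprecation is only cosmetic; at minimum I would make the comment actionable, e.g. `// Deprecated endpoints — still public and ungated; remove once clients use /accounts/me/{email,phone}/request`. Separately, the route parameter is `{recovery_key}` while the API documentation in this commit calls it `{recover_key}`; the names are presumably meant to match, so confirm which is intended. Whether gating exists outside the hunk cannot be seen from here.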


@ -1141,26 +1141,6 @@ class ApiAccountTest extends TestCase
->assertStatus(404);
}
public function testRecoverByEmail()
{
$email = 'collision@email.com';
$account = Password::factory()->create();
$account->account->email = $email;
$account->account->save();
$admin = Admin::factory()->create();
$admin->account->generateApiKey();
$admin->account->save();
$response = $this->keyAuthenticated($admin->account)
->post($this->route . '/' . $account->id . '/recover-by-email')
->assertStatus(200);
$this->assertNotEquals($response->json('confirmation_key'), $account->confirmation_key);
$this->assertNotEquals($response->json('provisioning_token'), $account->provisioning_token);
}
public function testGetAll()
{
Password::factory()->create();