<?php
declare(strict_types=1);

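/**
 * This controller manages API-related features.
 */
class FreshRSS_api_Controller extends FreshRSS_ActionController {

	/**
	 * Update the API password of the current user.
	 *
	 * Stores a hash of the password in the user configuration, refreshes the
	 * Fever key through FreshRSS_fever_Util::updateKey(), then saves the
	 * configuration.
	 *
	 * @param string $apiPasswordPlain the new API password, in plaintext
	 * @return string|false an error message, or `false` if no error
	 */
	public static function updatePassword(string $apiPasswordPlain): string|false {
		$username = Minz_User::name();
		if ($username == null) {
			// No current user: there is no configuration to attach the credential to.
			return _t('feedback.api.password.failed');
		}

		// Only the hash is placed in the configuration; the plaintext stays local to this call.
		// NOTE(review): the hash() result is not checked here — confirm it cannot signal failure
		// with an empty value.
		$apiPasswordHash = FreshRSS_password_Util::hash($apiPasswordPlain);
		FreshRSS_Context::userConf()->apiPasswordHash = $apiPasswordHash;

		$feverKey = FreshRSS_fever_Util::updateKey($username, $apiPasswordPlain);
		if ($feverKey == false) {
			// Nothing has been saved at this point, but the in-memory configuration
			// already carries the new hash assigned above.
			return _t('feedback.api.password.failed');
		}

		FreshRSS_Context::userConf()->feverKey = $feverKey;

		// Hash and Fever key are persisted together by a single save().
		return FreshRSS_Context::userConf()->save()
			? false
			: _t('feedback.api.password.failed');
	}

	/**
	 * This action updates the user API password.
	 *
	 * Parameter is:
	 * - apiPasswordPlain: the new user password
	 *
	 * Every rejection path returns explicitly, so the password change cannot be
	 * reached if one of the error/forward helpers hands control back to the caller.
	 */
	public function updatePasswordAction(): void {
		if (!FreshRSS_Auth::hasAccess()) {
			Minz_Error::error(403);
			// Fail closed: do not depend on Minz_Error::error() ending the request.
			return;
		}

		$return_url = ['c' => 'user', 'a' => 'profile'];

		// State-changing action: only POST requests are processed.
		if (!Minz_Request::isPost()) {
			Minz_Request::forward($return_url, true);
			return;
		}

		// NOTE(review): the second argument presumably asks for the raw, unescaped
		// value so the password is hashed exactly as typed — confirm in Minz_Request.
		$apiPasswordPlain = Minz_Request::paramString('apiPasswordPlain', true);
		if ($apiPasswordPlain == '') {
			// An empty API password is never stored.
			Minz_Request::forward($return_url, true);
			return;
		}

		$error = self::updatePassword($apiPasswordPlain);
		if (is_string($error)) {
			Minz_Request::bad($error, $return_url);
		} else {
			Minz_Request::good(_t('feedback.api.password.updated'), $return_url);
		}
	}
}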