diff --git a/app/Api/ApiToken.php b/app/Api/ApiToken.php
index 5c2d591e4..ca89c813e 100644
--- a/app/Api/ApiToken.php
+++ b/app/Api/ApiToken.php
@@ -52,4 +52,12 @@ class ApiToken extends Model implements Loggable
 {
 return "({$this->id}) {$this->name}; User: {$this->user->logDescriptor()}";
 }
+
+ /**
+ * Get the URL for managing this token.
+ */
+ public function getUrl(string $path = ''): string
+ {
+ return url("/api-tokens/{$this->user_id}/{$this->id}/" . trim($path, '/'));
+ }
 }
diff --git a/app/Api/UserApiTokenController.php b/app/Api/UserApiTokenController.php
index 8357420ee..7455be4ff 100644
--- a/app/Api/UserApiTokenController.php
+++ b/app/Api/UserApiTokenController.php
@@ -14,16 +14,17 @@ class UserApiTokenController extends Controller
 /**
 * Show the form to create a new API token.
 */
- public function create(int $userId)
+ public function create(Request $request, int $userId)
 {
- // Ensure user is has access-api permission and is the current user or has permission to manage the current user.
 $this->checkPermission('access-api');
 $this->checkPermissionOrCurrentUser('users-manage', $userId);
+ $this->updateContext($request);
 $user = User::query()->findOrFail($userId);
 return view('users.api-tokens.create', [
 'user' => $user,
+ 'back' => $this->getRedirectPath($user),
 ]);
 }
@@ -60,14 +61,16 @@ class UserApiTokenController extends Controller
 session()->flash('api-token-secret:' . $token->id, $secret);
 $this->logActivity(ActivityType::API_TOKEN_CREATE, $token);
- return redirect($user->getEditUrl('/api-tokens/' . $token->id));
+ return redirect($token->getUrl());
 }
 /**
 * Show the details for a user API token, with access to edit.
 */
- public function edit(int $userId, int $tokenId)
+ public function edit(Request $request, int $userId, int $tokenId)
 {
+ $this->updateContext($request);
+
 [$user, $token] = $this->checkPermissionAndFetchUserToken($userId, $tokenId);
 $secret = session()->pull('api-token-secret:' . $token->id, null);
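Review bot: The docblock on `getUrl()` does not say that `$path` is concatenated into the URL as-is, with only its leading and trailing slashes trimmed and no encoding applied. A line such as `@param string $path Literal sub-path such as 'delete'; appended unencoded, so never pass request data here.` would state the contract for future callers. With the default empty `$path` the string handed to `url()` ends in a slash, which the helper presumably normalises; it is worth confirming the generated link matches the `/api-tokens/{userId}/{tokenId}` route exactly.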
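Review bot: The comment deleted at the top of `create()` was the only statement of the authorization rule this action enforces, and the two `checkPermission*` calls now stand unexplained. I would keep it with the wording fixed, for example `// Requires access-api, and either being the target user or holding users-manage.` The ordering in this action is the right one, since `updateContext($request)` runs only after both checks have passed; `edit()` in the following hunk does not keep that order.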
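Review bot: In `edit()` the added `$this->updateContext($request);` runs before `checkPermissionAndFetchUserToken()`, so the session is written from the query string before the request has been authorized, whereas `create()` calls it after its permission checks. The impact looks small because only the caller's own session is touched, but the consistent and safer order is to move the call below the `[$user, $token] = ...` line. The body of `edit()` continues past the end of this hunk.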
@@ -76,6 +79,7 @@ class UserApiTokenController extends Controller
 'token' => $token,
 'model' => $token,
 'secret' => $secret,
+ 'back' => $this->getRedirectPath($user),
 ]);
 }
@@ -97,7 +101,7 @@ class UserApiTokenController extends Controller
 $this->logActivity(ActivityType::API_TOKEN_UPDATE, $token);
- return redirect($user->getEditUrl('/api-tokens/' . $token->id));
+ return redirect($token->getUrl());
 }
 /**
@@ -123,7 +127,7 @@ class UserApiTokenController extends Controller
 $this->logActivity(ActivityType::API_TOKEN_DELETE, $token);
- return redirect($user->getEditUrl('#api_tokens'));
+ return redirect($this->getRedirectPath($user));
 }
 /**
@@ -142,4 +146,30 @@ class UserApiTokenController extends Controller
 return [$user, $token];
 }
+
+ /**
+ * Update the context for where the user is coming from to manage API tokens.
+ * (Track of location for correct return redirects)
+ */
+ protected function updateContext(Request $request): void
+ {
+ $context = $request->query('context');
+ if ($context) {
+ session()->put('api-token-context', $context);
+ }
+ }
+
+ /**
+ * Get the redirect path for the current api token editing session.
+ * Attempts to recall the context of where the user is editing from.
+ */
+ protected function getRedirectPath(User $relatedUser): string
+ {
+ $context = session()->get('api-token-context');
+ if ($context === 'settings') {
+ return $relatedUser->getEditUrl('#api_tokens');
+ }
+
+ return url('/my-account/auth#api_tokens');
+ }
 }
diff --git a/resources/views/users/account/auth.blade.php b/resources/views/users/account/auth.blade.php
index 3503978cf..d6f85093b 100644
--- a/resources/views/users/account/auth.blade.php
+++ b/resources/views/users/account/auth.blade.php
@@ -82,6 +82,6 @@
 @endif
 @if(userCan('access-api'))
- @include('users.api-tokens.parts.list', ['user' => user()])
+ @include('users.api-tokens.parts.list', ['user' => user(), 'context' => 'my-account'])
 @endif
 @stop
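Review bot: `updateContext()` in the `@@ -142,4 +146,30 @@` hunk stores whatever arrives in `?context=` in the session without checking its type or value, so an array or an arbitrary string is persisted as readily as the two values the views send. The redirect itself stays safe because `getRedirectPath()` maps the stored value through a strict comparison onto fixed URLs and never uses it as a target, a property worth stating in its docblock so nobody later returns the value directly. I would persist only known strings: `if (is_string($context) && in_array($context, ['settings', 'my-account'], true)) {`. The key is also never cleared, so a request without `context` reuses whatever an earlier visit stored, and the `destroy()` redirect in the `@@ -123,7 +127,7 @@` hunk then follows that stale value.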
diff --git a/resources/views/users/api-tokens/create.blade.php b/resources/views/users/api-tokens/create.blade.php
index 9cf772082..8250c5ae8 100644
--- a/resources/views/users/api-tokens/create.blade.php
+++ b/resources/views/users/api-tokens/create.blade.php
@@ -7,8 +7,8 @@

{{ trans('settings.user_api_token_create') }}

-
- {!! csrf_field() !!} + + {{ csrf_field() }}
@include('users.api-tokens.parts.form') @@ -21,7 +21,7 @@
diff --git a/resources/views/users/api-tokens/delete.blade.php b/resources/views/users/api-tokens/delete.blade.php
index 45f0e2fa0..2b9a29e6a 100644
--- a/resources/views/users/api-tokens/delete.blade.php
+++ b/resources/views/users/api-tokens/delete.blade.php
@@ -11,11 +11,11 @@

{{ trans('settings.user_api_token_delete_confirm') }}

- - {!! csrf_field() !!} - {!! method_field('delete') !!} + + {{ csrf_field() }} + {{ method_field('delete') }} - {{ trans('common.cancel') }} + {{ trans('common.cancel') }}
diff --git a/resources/views/users/api-tokens/edit.blade.php b/resources/views/users/api-tokens/edit.blade.php
index 61c1ac2a6..aa3e49ded 100644
--- a/resources/views/users/api-tokens/edit.blade.php
+++ b/resources/views/users/api-tokens/edit.blade.php
@@ -7,9 +7,9 @@

{{ trans('settings.user_api_token') }}

-
- {!! method_field('put') !!} - {!! csrf_field() !!} + + {{ method_field('put') }} + {{ csrf_field() }}
@@ -52,8 +52,8 @@
diff --git a/resources/views/users/api-tokens/parts/list.blade.php b/resources/views/users/api-tokens/parts/list.blade.php
index 3081682a4..70aaa58f3 100644
--- a/resources/views/users/api-tokens/parts/list.blade.php
+++ b/resources/views/users/api-tokens/parts/list.blade.php
@@ -4,7 +4,7 @@
@if(userCan('access-api')) {{ trans('settings.users_api_tokens_docs') }} - {{ trans('settings.users_api_tokens_create') }} + {{ trans('settings.users_api_tokens_create') }} @endif
@@ -14,7 +14,7 @@ @foreach($user->apiTokens as $token)
- {{ $token->name }}
+ {{ $token->name }}
{{ $token->token_id }}
@@ -23,7 +23,7 @@ {{ $token->expires_at->format('Y-m-d') ?? '' }}
diff --git a/resources/views/users/edit.blade.php b/resources/views/users/edit.blade.php
index 1254a1330..076b28c74 100644
--- a/resources/views/users/edit.blade.php
+++ b/resources/views/users/edit.blade.php
@@ -100,7 +100,7 @@
 @endif
- @include('users.api-tokens.parts.list', ['user' => $user])
+ @include('users.api-tokens.parts.list', ['user' => $user, 'context' => 'settings'])
 @stop
diff --git a/routes/web.php b/routes/web.php
index 69ce5167c..c2f4891b8 100644
--- a/routes/web.php
+++ b/routes/web.php
@@ -251,12 +251,12 @@ Route::middleware('auth')->group(function () {
 Route::patch('/preferences/update-code-language-favourite', [UserControllers\UserPreferencesController::class, 'updateCodeLanguageFavourite']);
 // User API Tokens
- Route::get('/settings/users/{userId}/create-api-token', [UserApiTokenController::class, 'create']);
- Route::post('/settings/users/{userId}/create-api-token', [UserApiTokenController::class, 'store']);
- Route::get('/settings/users/{userId}/api-tokens/{tokenId}', [UserApiTokenController::class, 'edit']);
- Route::put('/settings/users/{userId}/api-tokens/{tokenId}', [UserApiTokenController::class, 'update']);
- Route::get('/settings/users/{userId}/api-tokens/{tokenId}/delete', [UserApiTokenController::class, 'delete']);
- Route::delete('/settings/users/{userId}/api-tokens/{tokenId}', [UserApiTokenController::class, 'destroy']);
+ Route::get('/api-tokens/{userId}/create', [UserApiTokenController::class, 'create']);
+ Route::post('/api-tokens/{userId}/create', [UserApiTokenController::class, 'store']);
+ Route::get('/api-tokens/{userId}/{tokenId}', [UserApiTokenController::class, 'edit']);
+ Route::put('/api-tokens/{userId}/{tokenId}', [UserApiTokenController::class, 'update']);
+ Route::get('/api-tokens/{userId}/{tokenId}/delete', [UserApiTokenController::class, 'delete']);
+ Route::delete('/api-tokens/{userId}/{tokenId}', [UserApiTokenController::class, 'destroy']);
 // Roles
 Route::get('/settings/roles', [UserControllers\RoleController::class, 'index']);
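Review bot: The six new `/api-tokens/{userId}/...` routes accept any string for `{userId}` and `{tokenId}`, while the controller actions in this commit declare both as `int`, so a non-numeric segment presumably fails inside the action rather than as a clean 404. Constraining them where they are declared, e.g. `->whereNumber(['userId', 'tokenId'])` on each route, rejects such requests before any controller code runs. Moving token management out from under `/settings/` also means any proxy, WAF or alerting rule keyed on that prefix no longer sees these requests, which is worth checking against the deployment. The route group closure opens and closes outside this hunk.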