Api key generation fix
This commit is contained in:
parent
d02e3e6e7b
commit
c1ca0da80a
|
@ -24,7 +24,7 @@ $dispatcher = FastRoute\simpleDispatcher(
|
|||
global $tools, $database, $user;
|
||||
try {
|
||||
$user->auth->loginWithUsername($_POST['username'], $_POST['password']);
|
||||
$apiKey = $tools->createKey(true);
|
||||
$apiKey = $tools->createKey();
|
||||
$database->exec("INSERT INTO `%PREFIX%_api_keys` (`apikey`, `user`, `permissions`) VALUES (:apiKey, :userId, 'ALL');", true, [":apiKey" => $apiKey, ":userId" => $user->auth->getUserId()]);
|
||||
return ["status" => "ok", "apiKey" => $apiKey];
|
||||
}
|
||||
|
|
|
@ -110,15 +110,9 @@ class tools
|
|||
return $array2;
|
||||
}
|
||||
|
||||
public function createKey($hashCode=false, $lenght=128)
|
||||
public function createKey($lenght=32)
|
||||
{
|
||||
$this->profiler_start("Create key");
|
||||
$code = str_replace(".", "", bin2hex(random_bytes(10)).base64_encode(openssl_random_pseudo_bytes(30)));
|
||||
if($hashCode) {
|
||||
$code = $code.".".hash("sha256", $code);
|
||||
}
|
||||
$this->profiler_stop();
|
||||
return $code;
|
||||
return bin2hex(random_bytes($lenght));
|
||||
}
|
||||
|
||||
public function sanitize($string, $htmlAllowed=false, $htmlPurifierOptions=[])
|
||||
|
|
Loading…
Reference in New Issue