Added reset token
parent
1581a38026
commit
01b403c99e
6 changed files with 27 additions and 6 deletions
|
@ -49,3 +49,7 @@ table.pure-table-striped {
|
|||
#s2id_transaction_creditor {
|
||||
min-width: 150px;
|
||||
}
|
||||
|
||||
.reset_key {
|
||||
display: inline;
|
||||
}
|
|
@ -1,10 +1,10 @@
|
|||
class UsersController < ApplicationController
|
||||
skip_before_action :verify_authenticity_token, only: :create, find_by: :name
|
||||
skip_before_action :verify_authenticity_token, only: :create
|
||||
|
||||
before_action :authenticate_user!, except: :show
|
||||
before_action :authenticate_user_or_client!, only: :show
|
||||
|
||||
load_and_authorize_resource except: :show
|
||||
load_and_authorize_resource except: :show, find_by: :name
|
||||
|
||||
def show
|
||||
@user = User.find_by(name: params[:id]) || User.new
|
||||
|
@ -18,4 +18,9 @@ class UsersController < ApplicationController
|
|||
def index
|
||||
@users = User.all
|
||||
end
|
||||
|
||||
def reset_key
|
||||
@user.generate_key!
|
||||
redirect_to @user
|
||||
end
|
||||
end
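Review bot: The new `reset_key` action discards the result of `@user.generate_key!`, and that method ends in `self.save` (see the User hunk), which returns false instead of raising when the record is not saved. In that case the action still redirects as if the key had been rotated while the old key stays valid, which matters most when the reset is a reaction to a leaked key. Consider `flash[:error] = 'API key could not be reset' unless @user.generate_key!` before the redirect, or `save!` in the model. The action also relies on `load_and_authorize_resource ... find_by: :name` to load and authorize `@user`, which deserves a one-line comment; the class body continues outside both hunks.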
|
||||
|
|
|
@ -51,6 +51,16 @@ class User < ActiveRecord::Base
|
|||
end
|
||||
|
||||
def generate_key
|
||||
self.key = SecureRandom.base64(16) unless self.key
|
||||
set_key unless self.key
|
||||
end
|
||||
|
||||
def generate_key!
|
||||
set_key
|
||||
self.save
|
||||
end
|
||||
|
||||
private
|
||||
def set_key
|
||||
self.key = SecureRandom.base64(16)
|
||||
end
|
||||
end
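Review bot: `SecureRandom.base64(16)` in `set_key` always produces a key ending in `==` and may contain `+` and `/`, and the view in this commit pastes that key unquoted into a `Token token=...` header example. The entropy is fine, but a header- and URL-safe alphabet avoids depending on how clients and the token parser treat those characters, e.g. `self.key = SecureRandom.urlsafe_base64(16)`. It would also help to add comments stating that `generate_key` only fills in a missing key while `generate_key!` always replaces the key and saves the record. The User class starts outside the hunk.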
|
||||
|
|
|
@ -5,7 +5,7 @@ class UserAbility
|
|||
return unless user
|
||||
|
||||
can :manage, :all if user.penning?
|
||||
can :read, user, id: user.id
|
||||
can :manage, user, id: user.id
|
||||
can :manage, Request, creditor_id: user.id
|
||||
can :manage, Notification, user_id: user.id
|
||||
can :create, Transaction do |t|
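Review bot: Assuming the `:manage` line is the new side, `can :manage, user, id: user.id` grants every action on the user's own record, not only the new `reset_key`. With `load_and_authorize_resource` in UsersController that would also cover update and destroy if those routes exist, which is not visible here. Listing the needed actions keeps the rule least-privilege: `can [:read, :reset_key], user, id: user.id`. The enclosing method starts and ends outside the hunk.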
|
||||
|
|
|
@ -65,7 +65,8 @@
|
|||
%th Message
|
||||
%tbody
|
||||
%h3="Zeus account number: BE32 9799 9370 6502"
|
||||
="API token: #{@user.key}"
|
||||
="API key: #{@user.key}"
|
||||
= button_to "reset", reset_key_user_path(@user), {form_class: 'reset_key', class: 'btn btn-small'}
|
||||
%br
|
||||
Example:
|
||||
%code="curl -H \"Accept: application/json\" -H \"Authorization: Token token=#{@user.key}\" #{user_url(@user)}"
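Review bot: This template prints `@user.key` twice and now adds a reset button, while the controller hunk shows `show` excluded from `load_and_authorize_resource` and loading the user by `params[:id]`. If this is the users show template, confirm that `show` (its body is cut off in the hunk) or `authenticate_user_or_client!` limits the page to the key's owner; otherwise any signed-in user could read another user's API key. Guarding the key, the button and the curl example with `- if can? :manage, @user` would make the template safe regardless of how it is reached. The template continues outside the hunk.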
|
||||
|
|
|
@ -22,6 +22,7 @@ Rails.application.routes.draw do
|
|||
resources :notifications, only: [:index], shallow: true do
|
||||
post :read
|
||||
end
|
||||
post :reset_key, on: :member
|
||||
end
|
||||
|
||||
get 'datatables/:id' => 'datatables#transactions_for_user', as: "user_transactions"
|
||||
|
|