diff --git a/app/Http/Controllers/TokenController.php b/app/Http/Controllers/TokenController.php
index 17c2c509..21e8ad7a 100644
--- a/app/Http/Controllers/TokenController.php
+++ b/app/Http/Controllers/TokenController.php
@@ -3,7 +3,6 @@
namespace App\Http\Controllers;
use App\Exceptions\NexusException;
-use App\Models\PersonalAccessTokenPlain;
use App\Repositories\TokenRepository;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
@@ -29,6 +28,12 @@ class TokenController extends Controller
if ($count >= 5) {
throw new NexusException(nexus_trans("token.maximum_allow_number_reached"));
}
+ $allowed = TokenRepository::listUserTokenPermissionAllowed();
+ foreach ($request->permissions as $permission) {
+ if (!in_array($permission, $allowed)) {
+ throw new NexusException(nexus_trans("token.permission_not_allowed", ['permission_text' => nexus_trans("route-permission.{$permission}.text")]));
+ }
+ }
$newAccessToken = $user->createToken($request->name, $request->permissions);
$tokenText = $newAccessToken->plainTextToken;
$msg = nexus_trans("token.create_success_tip", ['token' => $tokenText]);
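Review bot: The new whitelist check at `if (!in_array($permission, $allowed))` uses loose comparison, so a non-string value in the request body (for example a JSON `true`, which loosely equals any non-empty string) would satisfy the check and be passed straight into `$user->createToken(...)` as a permission; it should be `if (!in_array($permission, $allowed, true)) {`. The `foreach ($request->permissions as $permission)` also assumes `permissions` is already an array; unless the validation rules earlier in the method require `permissions` to be an array of strings, a scalar input fails here with a PHP warning/TypeError rather than the intended NexusException, so it is worth confirming those rules (they are outside this hunk). The enclosing method starts and ends outside the hunk.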
@@ -52,28 +57,5 @@ class TokenController extends Controller
}
}
- public function getPlainText(Request $request)
- {
- try {
- $request->validate([
- 'id' => 'required|integer',
- ]);
- $user = Auth::user();
- $token = $user->tokens()->where("id", $request->id)->first();
- if (!$token) {
- throw new NexusException("Token not found");
- }
- $plainRecord = PersonalAccessTokenPlain::query()->where("access_token_id", $token->id)->first();
- if (!$plainRecord) {
- throw new NexusException("Plain record not found");
- }
- return $this->success($plainRecord->plain_text_token);
- } catch (\Exception $exception) {
- return $this->fail(false, $exception->getMessage());
- }
- }
-
-
-
}
diff --git a/resources/lang/en/token.php b/resources/lang/en/token.php
index 2a41a9ae..075a9cbe 100644
--- a/resources/lang/en/token.php
+++ b/resources/lang/en/token.php
@@ -7,4 +7,5 @@ return array (
'create_success_tip' => 'The token was created successfully, this data is displayed only once, please save it properly
:token',
'last_used_at' => 'Recent usage time',
'token' => 'summary',
+ "permission_not_allowed" => "Permission::permission_text not allowed"
);
diff --git a/resources/lang/zh_CN/token.php b/resources/lang/zh_CN/token.php
index 6c4f1f36..27804465 100644
--- a/resources/lang/zh_CN/token.php
+++ b/resources/lang/zh_CN/token.php
@@ -7,4 +7,5 @@ return [
"create_success_tip" => "token 创建成功,此数据只展示一次,请妥善保存
:token",
"last_used_at" => "最近使用时间",
"token" => "摘要",
+ "permission_not_allowed" => "权限::permission_text 不被允许"
];
diff --git a/resources/lang/zh_TW/token.php b/resources/lang/zh_TW/token.php
index 4490e4bb..67449b56 100644
--- a/resources/lang/zh_TW/token.php
+++ b/resources/lang/zh_TW/token.php
@@ -7,4 +7,5 @@ return array (
'create_success_tip' => 'token 創建成功,此數據只展示一次,請妥善保存
:token',
'last_used_at' => '最近使用時間',
'token' => '摘要',
+ "permission_not_allowed" => "權限::permission_text 不被允許"
);
diff --git a/routes/web.php b/routes/web.php
index 4d2e8f0d..4e02f3af 100644
--- a/routes/web.php
+++ b/routes/web.php
@@ -25,7 +25,6 @@ Route::group(['prefix' => 'web', 'middleware' => ['auth.nexus:nexus-web']], func
Route::post('torrent-approval', [\App\Http\Controllers\TorrentController::class, 'approval']);
Route::post('token/add', [\App\Http\Controllers\TokenController::class, 'addToken']);
Route::post('token/del', [\App\Http\Controllers\TokenController::class, 'delToken']);
- Route::post('token/get-plain', [\App\Http\Controllers\TokenController::class, 'getPlainText']);
});
if (!isRunningInConsole()) {