fix createToken not allowed

xiaomlove
2025-05-29 15:24:36 +07:00
parent e5947a8586
commit 6c8e53ad7e
5 changed files with 9 additions and 25 deletions


@@ -3,7 +3,6 @@
namespace App\Http\Controllers;
use App\Exceptions\NexusException;
use App\Models\PersonalAccessTokenPlain;
use App\Repositories\TokenRepository;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
@@ -29,6 +28,12 @@ class TokenController extends Controller
if ($count >= 5) {
throw new NexusException(nexus_trans("token.maximum_allow_number_reached"));
}
$allowed = TokenRepository::listUserTokenPermissionAllowed();
foreach ($request->permissions as $permission) {
if (!in_array($permission, $allowed)) {
throw new NexusException(nexus_trans("token.permission_not_allowed", ['permission_text' => nexus_trans("route-permission.{$permission}.text")]));
}
}
$newAccessToken = $user->createToken($request->name, $request->permissions);
$tokenText = $newAccessToken->plainTextToken;
$msg = nexus_trans("token.create_success_tip", ['token' => $tokenText]);
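Review bot: The new allow-list check calls `in_array($permission, $allowed)` without the strict flag, so the comparison is loose and a non-string element in `permissions` (for instance a value decoded from a JSON body) can compare equal to an allowed name and then be passed unchanged to `createToken`. I would tighten the guard to `if (!is_string($permission) || !in_array($permission, $allowed, true)) {`. The `foreach` also assumes `$request->permissions` is an array; the method's validation rules lie outside this hunk, so confirm they cover `'permissions' => 'required|array'` and `'permissions.*' => 'string'`. The rejected value is interpolated into the translation key `route-permission.{$permission}.text` for the error message, and the string check keeps that lookup limited to string input.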
@@ -52,28 +57,5 @@ class TokenController extends Controller
}
}
public function getPlainText(Request $request)
{
try {
$request->validate([
'id' => 'required|integer',
]);
$user = Auth::user();
$token = $user->tokens()->where("id", $request->id)->first();
if (!$token) {
throw new NexusException("Token not found");
}
$plainRecord = PersonalAccessTokenPlain::query()->where("access_token_id", $token->id)->first();
if (!$plainRecord) {
throw new NexusException("Plain record not found");
}
return $this->success($plainRecord->plain_text_token);
} catch (\Exception $exception) {
return $this->fail(false, $exception->getMessage());
}
}
}