adam/Piwigo
1
0
Fork 0
mirror of https://github.com/Piwigo/Piwigo.git synced 2026-06-02 04:15:05 +02:00
Code Issues Packages Projects Releases Wiki Activity

fixes #2355 implement API key management system

Browse Source 
- Added API key get, creation, editing, and revocation methods.

- Updated the profile template to include API key management features.

- Updated the database schema to support the new API key system, including additional fields for key management.

- Added client-side JavaScript functionality to handle API key operations and display responses.

- Update tools/htm.ws with the new way to authenticate.

- Restriction of certain api methods when used with an api key

- Backward compatibility with older apps
This commit is contained in:
Linty
2025-06-09 20:35:57 +02:00
parent 2624be1c90
commit ae740ba3af
20 changed files with 1937 additions and 102 deletions
Download Patch File Download Diff File Expand all files Collapse all files
install/db/176-database.php
+36
View File
@@ -0,0 +1,36 @@
<?php
// +-----------------------------------------------------------------------+
// | This file is part of Piwigo. |
// | |
// | For copyright and license information, please view the COPYING.txt |
// | file that was distributed with this source code. |
// +-----------------------------------------------------------------------+
if (!defined('PHPWG_ROOT_PATH'))
{
die('Hacking attempt!');
}
$upgrade_description = 'Modification to the user_auth_key table to match the api keys';
// we are modifying the "auth_key" table structure to support the new API key system.
// the existing structure was too limited for our needs, this update ensures better
// flexibility and security for managing API access tokens in the future.
pwg_query(
'ALTER TABLE `'.PREFIX_TABLE.'user_auth_keys`
ADD COLUMN `apikey_secret` VARCHAR(255) DEFAULT NULL AFTER auth_key,
ADD COLUMN `apikey_name` VARCHAR(100) DEFAULT NULL,
ADD COLUMN `key_type` VARCHAR(40) DEFAULT NULL,
ADD COLUMN `revoked_on` datetime DEFAULT NULL,
ADD COLUMN `last_used_on` datetime DEFAULT NULL
;');
// For rows that already exist in the table, we add a key_type
pwg_query(
'UPDATE `'.PREFIX_TABLE.'user_auth_keys`
SET `key_type` = \'auth_key\'
WHERE `key_type` IS NULL
;');
echo "\n".$upgrade_description."\n";
?>