Improve API client usability

app/Actions/User/Create.php

@@ -24,6 +24,7 @@ public function do(string $username, string $password, bool $mayUpload, bool $is
 			$user->is_locked = $isLocked;
 			$user->username = $username;
 			$user->password = bcrypt($password);
+			$user->token = strtr(base64_encode(random_bytes(16)), '+/', '-_');
 		} catch (\InvalidArgumentException $e) {
 			throw new InvalidPropertyException('Could not hash password', $e);
 		}

app/Http/Controllers/Administration/UserController.php

@@ -128,4 +128,29 @@ public function getEmail(): array
 			'email' => AccessControl::user()->email,
 		];
 	}
+
+	/**
+	 * Returns the currently authenticated user.
+	 *
+	 * @return User
+	 */
+	public function getCurrent(): User
+	{
+		return AccessControl::user();
+	}
+
+	/**
+	 * Reset the token of the currently authenticated user.
+	 *
+	 * @return User
+	 */
+	public function resetToken(): array
+	{
+		AccessControl::user()->token = strtr(base64_encode(random_bytes(16)), '+/', '-_');
+		AccessControl::user()->save();
+
+		return [
+			'token' => AccessControl::user()->token,
+		];
+	}
 }

app/Http/Middleware/AcceptContentType.php

@@ -37,7 +37,7 @@ class AcceptContentType
 	public function handle(Request $request, \Closure $next, string $contentType): mixed
 	{
 		if ($contentType === self::JSON) {
-			if (!$request->expectsJson()) {
+			if (!$request->acceptsJson()) {
 				throw new UnexpectedContentType(self::JSON);
 			}
 		} elseif ($contentType === self::HTML) {

app/Http/Middleware/ContentType.php

@@ -34,15 +34,17 @@ class ContentType
 	 */
 	public function handle(Request $request, \Closure $next, string $contentType): mixed
 	{
-		if ($contentType === self::JSON) {
+		$any = empty($request->getContentType()) || $request->getContentType() === '*/*';
+
+		if ($contentType === self::JSON && !$any) {
 			if (!$request->isJson()) {
 				throw new UnexpectedContentType(self::JSON);
 			}
-		} elseif ($contentType === self::MULTIPART) {
+		} elseif ($contentType === self::MULTIPART && !$any) {
 			if ($request->getContentType() !== 'form') {
 				throw new UnexpectedContentType(self::MULTIPART);
 			}
-		} else {
+		} elseif (!$any) {
 			throw new LycheeInvalidArgumentException('$contentType must either be "' . self::JSON . '" or "' . self::MULTIPART . '"');
 		}
 

app/Http/Middleware/VerifyCsrfToken.php

@@ -2,8 +2,10 @@
 
 namespace App\Http\Middleware;
 
-use App\Models\Configs;
+use App\Facades\AccessControl;
+use App\Models\User;
 use Closure;
+use Illuminate\Database\Eloquent\Collection;
 use Illuminate\Foundation\Http\Middleware\VerifyCsrfToken as Middleware;
 use Illuminate\Session\TokenMismatchException;
 
@@ -36,26 +38,24 @@ class VerifyCsrfToken extends Middleware
 	public function handle($request, Closure $next)
 	{
 		if ($request->is('api/*')) {
-			/**
-			 * default value is ''
-			 * we force it in case of the migration has not been done.
-			 */
-			$apiKey = Configs::get_value('api_key', '');
-
-			/*
-			 * if apiKey is the empty string we directly return the parent handle.
-			 */
-			if ($apiKey && $apiKey == '') {
+			$token = $request->header('Authorization');
+			if (!$token) {
 				return parent::handle($request, $next);
 			}
 
-			/*
-			 * We are currently checking for Authorization.
-			 * Do we also want to check if there is a POST value with the apiKey ?
-			 */
-			if ($apiKey && $request->header('Authorization') === $apiKey) {
-				return $next($request);
+			/** @var User $user */
+			$user = User::query()->where('token', '=', $token)->get();
+			if ($user instanceof Collection) {
+				$user = $user->get(0);
 			}
+
+			if ($user === null) {
+				return parent::handle($request, $next);
+			}
+
+			AccessControl::log_as_id($user->id);
+
+			return $next($request);
 		}
 
 		return parent::handle($request, $next);

app/Locale/ChineseSimplified.php

@@ -55,6 +55,8 @@ public function get_locale(): array
 			'SET_MAP_PROVIDER' => '设置 OpenStreetMap 图层提供者',
 			'FULL_SETTINGS' => 'Full Settings',
 			'UPDATE' => 'Update',
+			'VIEW_TOKEN' => 'View API token',
+			'RESET' => 'Reset',
 
 			'SMART_ALBUMS' => '智能相册',
 			'SHARED_ALBUMS' => '已共享的相册',

app/Locale/ChineseTraditional.php

@@ -55,6 +55,8 @@ public function get_locale(): array
 			'SET_MAP_PROVIDER' => '設置OpenStreetMap圖層提供者',
 			'FULL_SETTINGS' => 'Full Settings',
 			'UPDATE' => 'Update',
+			'VIEW_TOKEN' => 'View API token',
+			'RESET' => 'Reset',
 
 			'SMART_ALBUMS' => '智能相簿',
 			'SHARED_ALBUMS' => '共享的相簿',

app/Locale/Czech.php

@@ -56,6 +56,8 @@ public function get_locale(): array
 			'SAVE_RISK' => 'Uložit změny, rizika jsou mi známa!',
 			'FULL_SETTINGS' => 'Full Settings',
 			'UPDATE' => 'Update',
+			'VIEW_TOKEN' => 'View API token',
+			'RESET' => 'Reset',
 
 			'SMART_ALBUMS' => 'Chytrá alba',
 			'SHARED_ALBUMS' => 'Sdílená alba',

app/Locale/Dutch.php

@@ -55,6 +55,8 @@ public function get_locale(): array
 			'SET_MAP_PROVIDER' => 'Set OpenStreetMap tiles provider',
 			'FULL_SETTINGS' => 'Full Settings',
 			'UPDATE' => 'Update',
+			'VIEW_TOKEN' => 'View API token',
+			'RESET' => 'Reset',
 
 			'SMART_ALBUMS' => 'Slimme albums',
 			'SHARED_ALBUMS' => 'Shared albums',

app/Locale/English.php

@@ -55,6 +55,8 @@ public function get_locale(): array
 			'SET_MAP_PROVIDER' => 'Set OpenStreetMap tiles provider',
 			'FULL_SETTINGS' => 'Full Settings',
 			'UPDATE' => 'Update',
+			'VIEW_TOKEN' => 'View API token',
+			'RESET' => 'Reset',
 
 			'SMART_ALBUMS' => 'Smart albums',
 			'SHARED_ALBUMS' => 'Shared albums',

app/Locale/French.php

@@ -58,6 +58,8 @@ public function get_locale(): array
 			'SET_MAP_PROVIDER' => 'Selectioner le fournisseur de données cartographiques',
 			'FULL_SETTINGS' => 'Full Settings',
 			'UPDATE' => 'Update',
+			'VIEW_TOKEN' => 'View API token',
+			'RESET' => 'Reset',
 
 			'SMART_ALBUMS' => 'Smart Albums',
 			'SHARED_ALBUMS' => 'Albums partagés',

app/Locale/German.php

@@ -55,6 +55,8 @@ public function get_locale(): array
 			'SET_MAP_PROVIDER' => 'Speichere Provider für OpenStreetMap Karten',
 			'FULL_SETTINGS' => 'Full Settings',
 			'UPDATE' => 'Update',
+			'VIEW_TOKEN' => 'API-Schlüssel anzeigen',
+			'RESET' => 'Zurücksetzen',
 
 			'SAVE_RISK' => 'Änderungen speichern, ich kenne das Risiko!',
 

app/Locale/Greek.php

@@ -55,6 +55,8 @@ public function get_locale(): array
 			'SET_MAP_PROVIDER' => 'Set OpenStreetMap tiles provider',
 			'FULL_SETTINGS' => 'Full Settings',
 			'UPDATE' => 'Update',
+			'VIEW_TOKEN' => 'View API token',
+			'RESET' => 'Reset',
 
 			'SMART_ALBUMS' => 'Έξυπνα λευκώματα',
 			'SHARED_ALBUMS' => 'Κοινόχρηστα λευκώματα',

app/Locale/Italian.php

@@ -55,6 +55,8 @@ public function get_locale(): array
 			'SET_MAP_PROVIDER' => 'Set OpenStreetMap tiles provider',
 			'FULL_SETTINGS' => 'Full Settings',
 			'UPDATE' => 'Update',
+			'VIEW_TOKEN' => 'View API token',
+			'RESET' => 'Reset',
 
 			'SMART_ALBUMS' => 'Album smart',
 			'SHARED_ALBUMS' => 'Album condivisi',

app/Locale/NorwegianBokmal.php

@@ -55,6 +55,8 @@ public function get_locale(): array
 			'SET_MAP_PROVIDER' => 'Lagre leverandør for OpenStreetMap fliser',
 			'FULL_SETTINGS' => 'Full Settings',
 			'UPDATE' => 'Update',
+			'VIEW_TOKEN' => 'View API token',
+			'RESET' => 'Reset',
 
 			'SMART_ALBUMS' => 'Automatiske album',
 			'SHARED_ALBUMS' => 'Delte album',

app/Locale/Polish.php

@@ -55,6 +55,8 @@ public function get_locale(): array
 			'SET_MAP_PROVIDER' => 'Set OpenStreetMap tiles provider',
 			'FULL_SETTINGS' => 'Full Settings',
 			'UPDATE' => 'Update',
+			'VIEW_TOKEN' => 'View API token',
+			'RESET' => 'Reset',
 
 			'SMART_ALBUMS' => 'Inteligentne albumy',
 			'SHARED_ALBUMS' => 'Udostępnione albumy',

app/Locale/Portuguese.php

@@ -55,6 +55,8 @@ public function get_locale(): array
 			'SET_MAP_PROVIDER' => 'Escolher OpenStreetMap tiles provider',
 			'FULL_SETTINGS' => 'Full Settings',
 			'UPDATE' => 'Update',
+			'VIEW_TOKEN' => 'View API token',
+			'RESET' => 'Reset',
 
 			'SMART_ALBUMS' => 'Smart álbums',
 			'SHARED_ALBUMS' => 'Álbums partilhados',

app/Locale/Russian.php

@@ -55,6 +55,8 @@ public function get_locale(): array
 			'SET_MAP_PROVIDER' => 'Set OpenStreetMap tiles provider',
 			'FULL_SETTINGS' => 'Full Settings',
 			'UPDATE' => 'Update',
+			'VIEW_TOKEN' => 'View API token',
+			'RESET' => 'Reset',
 
 			'SMART_ALBUMS' => 'Метаальбомы',
 			'SHARED_ALBUMS' => 'Общие альбомы',

app/Locale/Slovak.php

@@ -56,6 +56,8 @@ public function get_locale(): array
 			'SAVE_RISK' => 'Zmeny uložiť, riziko je známe!',
 			'FULL_SETTINGS' => 'Full Settings',
 			'UPDATE' => 'Update',
+			'VIEW_TOKEN' => 'View API token',
+			'RESET' => 'Reset',
 
 			'SMART_ALBUMS' => 'Inteligentné albumy',
 			'SHARED_ALBUMS' => 'Zdieľané albumy',

app/Locale/Spanish.php

@@ -55,6 +55,8 @@ public function get_locale(): array
 			'SET_MAP_PROVIDER' => 'Set OpenStreetMap tiles provider',
 			'FULL_SETTINGS' => 'Full Settings',
 			'UPDATE' => 'Update',
+			'VIEW_TOKEN' => 'View API token',
+			'RESET' => 'Reset',
 
 			'SMART_ALBUMS' => 'Álbumes inteligentes',
 			'SHARED_ALBUMS' => 'Álbumes compartidos',

app/Locale/Swedish.php

@@ -55,6 +55,8 @@ public function get_locale(): array
 			'SET_MAP_PROVIDER' => 'Set OpenStreetMap tiles provider',
 			'FULL_SETTINGS' => 'Full Settings',
 			'UPDATE' => 'Update',
+			'VIEW_TOKEN' => 'View API token',
+			'RESET' => 'Reset',
 
 			'SMART_ALBUMS' => 'Smarta album',
 			'SHARED_ALBUMS' => 'Shared albums',

app/Models/User.php

@@ -30,6 +30,7 @@
  * @property string|null                                           $email
  * @property bool                                                  $may_upload
  * @property bool                                                  $is_locked
+ * @property string                                                $token
  * @property string|null                                           $remember_token
  * @property Collection<BaseAlbumImpl>                             $albums
  * @property DatabaseNotificationCollection|DatabaseNotification[] $notifications

database/migrations/2022_06_12_075709_add_token_to_user_table.php

@@ -0,0 +1,64 @@
+<?php
+
+use App\Models\Configs;
+use App\Models\User;
+use Illuminate\Database\Migrations\Migration;
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Support\Facades\DB;
+use Illuminate\Support\Facades\Schema;
+
+class AddTokenToUserTable extends Migration
+{
+	/**
+	 * Run the migrations.
+	 *
+	 * @return void
+	 *
+	 * @throws Exception
+	 */
+	public function up(): void
+	{
+		$key_length = 16;
+
+		$old_key = Configs::get_value('api_key', '');
+		if (!$old_key) {
+			$old_key = strtr(base64_encode(random_bytes($key_length)), '+/', '-_');
+		}
+
+		Configs::where('key', '=', 'api_key')->delete();
+
+		Schema::table('users', function (Blueprint $table) {
+			$table->char('token', 100)->unique()->after('email')->default('needs-to-be-set');
+		});
+
+		foreach (User::all() as $user) {
+			if ($user->id === 0) {
+				$user->token = $old_key;
+			} else {
+				$user->token = strtr(base64_encode(random_bytes($key_length)), '+/', '-_');
+			}
+			$user->save();
+		}
+	}
+
+	/**
+	 * Reverse the migrations.
+	 *
+	 * @return void
+	 */
+	public function down(): void
+	{
+		DB::table('configs')->insert([
+			[
+				'key' => 'api_key',
+				'value' => User::query()->findOrFail(0)->token,
+				'confidentiality' => 0,
+				'cat' => 'config',
+			],
+		]);
+
+		Schema::table('users', function (Blueprint $table) {
+			$table->dropColumn('token');
+		});
+	}
+}