aljaz/btcpayserver
1
0
Fork 0
mirror of https://github.com/aljazceru/btcpayserver.git synced 2025-12-19 06:54:19 +01:00
Code Issues Packages Projects Releases Wiki Activity

[Greenfield] Allow passing email instead of user id in API (#4732)

Browse Source
This commit is contained in:
Nicolas Dorier
2023-03-03 21:24:27 +09:00
committed by GitHub
parent 0406b420c8
commit 5caa0e0722
9 changed files with 56 additions and 37 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
BTCPayServer/Controllers/GreenField/GreenfieldApiKeysController.cs
View File

@@ -50,12 +50,16 @@ namespace BTCPayServer.Controllers.Greenfield
return CreateUserAPIKey(_userManager.GetUserId(User), request);
}
[HttpPost("~/api/v1/users/{userId}/api-keys")]
[HttpPost("~/api/v1/users/{idOrEmail}/api-keys")]
[Authorize(Policy = Policies.CanManageUsers, AuthenticationSchemes = AuthenticationSchemes.Greenfield)]
public async Task<IActionResult> CreateUserAPIKey(string userId, CreateApiKeyRequest request)
public async Task<IActionResult> CreateUserAPIKey(string idOrEmail, CreateApiKeyRequest request)
{
request ??= new CreateApiKeyRequest();
request.Permissions ??= System.Array.Empty<Permission>();
var userId = (await _userManager.FindByIdOrEmail(idOrEmail))?.Id;
if (userId is null)
return this.UserNotFound();
var key = new APIKeyData()
{
Id = Encoders.Hex.EncodeData(RandomUtils.GetBytes(20)),
@@ -67,14 +71,7 @@ namespace BTCPayServer.Controllers.Greenfield
{
Permissions = request.Permissions.Select(p => p.ToString()).Distinct().ToArray()
});
try
{
await _apiKeyRepository.CreateKey(key);
}
catch (DbUpdateException)
{
return this.CreateAPIError("user-not-found", "This user does not exists");
}
await _apiKeyRepository.CreateKey(key);
return Ok(FromModel(key));
}
@@ -96,10 +93,13 @@ namespace BTCPayServer.Controllers.Greenfield
return RevokeAPIKey(_userManager.GetUserId(User), apikey);
}
[HttpDelete("~/api/v1/users/{userId}/api-keys/{apikey}", Order = 1)]
[HttpDelete("~/api/v1/users/{idOrEmail}/api-keys/{apikey}", Order = 1)]
[Authorize(Policy = Policies.CanManageUsers, AuthenticationSchemes = AuthenticationSchemes.Greenfield)]
public async Task<IActionResult> RevokeAPIKey(string userId, string apikey)
public async Task<IActionResult> RevokeAPIKey(string idOrEmail, string apikey)
{
var userId = (await _userManager.FindByIdOrEmail(idOrEmail))?.Id;
if (userId is null)
return this.UserNotFound();
if (!string.IsNullOrEmpty(apikey) &&
await _apiKeyRepository.Remove(apikey, userId))
return Ok();