tyler.durden/pandorafms
1
0
Fork 0
mirror of https://github.com/pandorafms/pandorafms.git synced 2025-07-31 01:35:36 +02:00
Code Issues Packages Projects Releases Wiki Activity

#10326 regenerate api token when update password

Browse Source
This commit is contained in:
Daniel Cebrian 2023-04-25 15:43:02 +02:00
parent 1bf69af3c8
commit d28cd1577b
2 changed files with 11 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
pandora_console/godmode/users/configure_user.php
View File

@ -747,6 +747,10 @@ if ($update_user) {
] ]
); );
$res3 = save_pass_history($id, $password_new); $res3 = save_pass_history($id, $password_new);
// Generate new API token.
$newToken = api_token_generate();
$res4 = update_user($id, ['api_token' => $newToken]);
} }
ui_print_result_message( ui_print_result_message(
@ -771,6 +775,10 @@ if ($update_user) {
'utimestamp' => time(), 'utimestamp' => time(),
] ]
); );
// Generate new API token.
$newToken = api_token_generate();
$res4 = update_user($id, ['api_token' => $newToken]);
} }
ui_print_result_message( ui_print_result_message(

3
pandora_console/include/functions_api.php
View File

@ -9612,6 +9612,7 @@ function api_set_new_user($id, $thrash2, $other, $thrash3)
$values['section'] = $other['data'][11]; $values['section'] = $other['data'][11];
$values['session_time'] = $other['data'][12]; $values['session_time'] = $other['data'][12];
$values['metaconsole_access_node'] = $other['data'][13]; $values['metaconsole_access_node'] = $other['data'][13];
$values['api_token'] = api_token_generate();
if (empty($password) === true) { if (empty($password) === true) {
returnError('Password cannot be empty.'); returnError('Password cannot be empty.');
@ -9708,6 +9709,8 @@ function api_set_update_user($id, $thrash2, $other, $thrash3)
if (!update_user_password($id, $other['data'][4])) { if (!update_user_password($id, $other['data'][4])) {
returnError('The user could not be updated. Password info incorrect.'); returnError('The user could not be updated. Password info incorrect.');
return; return;
} else {
$values['api_token'] = api_token_generate();
} }
} }