From dfff8ad6673826fefdc9eca743e6c7d7f1e97cc5 Mon Sep 17 00:00:00 2001
From: Dane Everitt <dane@daneeveritt.com>
Date: Wed, 28 Jul 2021 21:13:49 -0700
Subject: [PATCH] Cleanup frontend to only pass the required description field

---
 .../Api/Client/Account/StoreApiKeyRequest.php | 12 ---------
 app/Models/PersonalAccessToken.php            | 25 +++++++++++++++++++
 app/Models/Traits/HasAccessTokens.php         |  4 +--
 .../dashboard/forms/CreateApiKeyForm.tsx      | 16 +++---------
 4 files changed, 30 insertions(+), 27 deletions(-)

diff --git a/app/Http/Requests/Api/Client/Account/StoreApiKeyRequest.php b/app/Http/Requests/Api/Client/Account/StoreApiKeyRequest.php
index c2a21c4c0..d69960c54 100644
--- a/app/Http/Requests/Api/Client/Account/StoreApiKeyRequest.php
+++ b/app/Http/Requests/Api/Client/Account/StoreApiKeyRequest.php
@@ -13,18 +13,6 @@ class StoreApiKeyRequest extends ClientApiRequest
 
         return [
             'description' => $rules['memo'],
-            'allowed_ips' => $rules['allowed_ips'],
-            'allowed_ips.*' => 'ip',
-        ];
-    }
-
-    /**
-     * @return array|string[]
-     */
-    public function messages()
-    {
-        return [
-            'allowed_ips.*' => 'All of the IP addresses entered must be valid IPv4 addresses.',
         ];
     }
 }
diff --git a/app/Models/PersonalAccessToken.php b/app/Models/PersonalAccessToken.php
index 1ab887964..cd4720424 100644
--- a/app/Models/PersonalAccessToken.php
+++ b/app/Models/PersonalAccessToken.php
@@ -9,6 +9,11 @@ class PersonalAccessToken extends Model implements HasAbilities
 {
     public const RESOURCE_NAME = 'personal_access_token';
 
+    /**
+     * The length of the raw API token.
+     */
+    public const TOKEN_LENGTH = 32;
+
     /**
      * @var string[]
      */
@@ -28,6 +33,16 @@ class PersonalAccessToken extends Model implements HasAbilities
         'abilities',
     ];
 
+    /**
+     * @var array
+     */
+    public static array $validationRules = [
+        'token' => 'required|string',
+        'token_id' => 'required|string|size:16',
+        'description' => 'required|nullable|string|max:500',
+        'last_used_at' => 'nullable|date',
+    ];
+
     /**
      * @return \Illuminate\Database\Eloquent\Relations\BelongsTo
      */
@@ -87,4 +102,14 @@ class PersonalAccessToken extends Model implements HasAbilities
 
         return static::where('token_id', $id)->where('token', hash('sha256', $token))->first();
     }
+
+    /**
+     * Generates a new identifier for a personal access token.
+     *
+     * @return string
+     */
+    public static function generateTokenIdentifier(): string
+    {
+        return 'ptdl_' . Str::random(11);
+    }
 }
diff --git a/app/Models/Traits/HasAccessTokens.php b/app/Models/Traits/HasAccessTokens.php
index 8e69db5c4..5cb944f2f 100644
--- a/app/Models/Traits/HasAccessTokens.php
+++ b/app/Models/Traits/HasAccessTokens.php
@@ -35,8 +35,8 @@ trait HasAccessTokens
         $token = $this->tokens()->create([
             'user_id' => $this->id,
             'description' => $description,
-            'token' => hash('sha256', $plain = Str::random(36)),
-            'token_id' => 'ptdl_' . Str::random(11),
+            'token' => hash('sha256', $plain = Str::random(PersonalAccessToken::TOKEN_LENGTH)),
+            'token_id' => PersonalAccessToken::generateTokenIdentifier(),
             'abilities' => $abilities,
         ]);
 
diff --git a/resources/scripts/components/dashboard/forms/CreateApiKeyForm.tsx b/resources/scripts/components/dashboard/forms/CreateApiKeyForm.tsx
index b97e38570..3c3146a79 100644
--- a/resources/scripts/components/dashboard/forms/CreateApiKeyForm.tsx
+++ b/resources/scripts/components/dashboard/forms/CreateApiKeyForm.tsx
@@ -8,9 +8,9 @@ import { ApplicationStore } from '@/state';
 import { httpErrorToHuman } from '@/api/http';
 import SpinnerOverlay from '@/components/elements/SpinnerOverlay';
 import { ApiKey } from '@/api/account/getApiKeys';
-import tw, { styled } from 'twin.macro';
+import tw from 'twin.macro';
 import Button from '@/components/elements/Button';
-import Input, { Textarea } from '@/components/elements/Input';
+import Input from '@/components/elements/Input';
 import ApiKeyModal from '@/components/dashboard/ApiKeyModal';
 
 interface Values {
@@ -18,8 +18,6 @@ interface Values {
     allowedIps: string;
 }
 
-const CustomTextarea = styled(Textarea)`${tw`h-32`}`;
-
 export default ({ onKeyCreated }: { onKeyCreated: (key: ApiKey) => void }) => {
     const [ apiKey, setApiKey ] = useState('');
     const { addError, clearFlashes } = useStoreActions((actions: Actions<ApplicationStore>) => actions.flashes);
@@ -52,7 +50,6 @@ export default ({ onKeyCreated }: { onKeyCreated: (key: ApiKey) => void }) => {
                 onSubmit={submit}
                 initialValues={{ description: '', allowedIps: '' }}
                 validationSchema={object().shape({
-                    allowedIps: string(),
                     description: string().required().min(4),
                 })}
             >
@@ -62,18 +59,11 @@ export default ({ onKeyCreated }: { onKeyCreated: (key: ApiKey) => void }) => {
                         <FormikFieldWrapper
                             label={'Description'}
                             name={'description'}
-                            description={'A description of this API key.'}
+                            description={'This API key will be able to act on your behalf against this Panel\'s API.'}
                             css={tw`mb-6`}
                         >
                             <Field name={'description'} as={Input}/>
                         </FormikFieldWrapper>
-                        <FormikFieldWrapper
-                            label={'Allowed IPs'}
-                            name={'allowedIps'}
-                            description={'Leave blank to allow any IP address to use this API key, otherwise provide each IP address on a new line.'}
-                        >
-                            <Field name={'allowedIps'} as={CustomTextarea}/>
-                        </FormikFieldWrapper>
                         <div css={tw`flex justify-end mt-6`}>
                             <Button>Create</Button>
                         </div>