Commit graph

16 commits

Author SHA1 Message Date
Matthew Penner
cbcf62086f
Upgrade to Laravel 9 ()
Co-authored-by: DaneEveritt <dane@daneeveritt.com>
2022-10-14 10:59:20 -06:00
DaneEveritt
e9c633fd03
Update transformers and controllers to no longer pull an API key attribute 2022-05-22 15:37:39 -04:00
Dane Everitt
e8a8405899
Remove tests 2021-11-03 21:22:14 -07:00
Dane Everitt
c449ca5155
Use more standardized phpcs 2021-01-23 12:33:34 -08:00
Dane Everitt
a043071e3c
Update to Laravel 8
Co-authored-by: Matthew Penner <me@matthewp.io>
2021-01-23 12:12:54 -08:00
Dane Everitt
2f2d105a4f
Fix test cases 2020-11-10 20:13:55 -08:00
Dane Everitt
536180ed0c
Return Http test cases to a passing state 2020-06-23 21:59:37 -07:00
devfrey
2fecba2500 Fix tests by adding required return type hints 2020-05-09 18:00:52 +02:00
Dane Everitt
4c41bd9075
Fix some broken tests 2018-02-25 15:34:01 -06:00
Dane Everitt
e28973bcae
Move everything around as needed to get things setup for the client API 2018-02-25 15:30:56 -06:00
Dane Everitt
06335a1e47
Update test namespace 2018-01-19 20:00:28 -06:00
Dane Everitt
0e7f8cedf0
Reorganize API files 2018-01-19 19:58:57 -06:00
Dane Everitt
c59d3a96aa
Add test for new middleware 2018-01-18 21:41:45 -06:00
Dane Everitt
f9fc3f4370
Update interface to begin change to seperate account API keys and application keys
Main difference is permissions, cleaner UI for normal users, and account keys use permissions assigned to servers and subusers while application keys use R/W ACLs stored in the key table.
2018-01-14 13:30:55 -06:00
Dane Everitt
ad3a954256
Rename APIKey to ApiKey 2018-01-14 12:06:15 -06:00
Dane Everitt
e3df0738da
Change the way API keys are stored and validated; clarify API namespacing
Previously, a single key was used to access the API, this has not changed in terms of what the user sees. However, API keys now use an identifier and token internally. The identifier is the first 16 characters of the key, and the token is the remaining 32. The token is stored encrypted at rest in the database and the identifier is used by the API middleware to grab that record and make a timing attack safe comparison.
2018-01-13 16:06:19 -06:00