7 commits

Author	SHA1	Message	Date
Dane Everitt	e0fb7fa30c	Fix failing ApiKeyCreationService test	2018-01-13 16:23:43 -06:00
Dane Everitt	e3df0738da	Change the way API keys are stored and validated; clarify API namespacing ... Previously, a single key was used to access the API, this has not changed in terms of what the user sees. However, API keys now use an identifier and token internally. The identifier is the first 16 characters of the key, and the token is the remaining 32. The token is stored encrypted at rest in the database and the identifier is used by the API middleware to grab that record and make a timing attack safe comparison.	2018-01-13 16:06:19 -06:00
Dane Everitt	47e14ccaae	API key UI changes and backend storage of the keys	2017-11-19 13:32:17 -06:00
Dane Everitt	2f42396317	Fix bug with permissions including more than one dash, closes #727	2017-11-05 13:42:57 -06:00
Dane Everitt	e56f4cdd33	Update license headers on files.	2017-09-25 21:43:01 -05:00
Dane Everitt	a8c4d6afdb	Update random ID method to use str_random and not random_bytes ... The use of random_bytes in combination with bin2hex was producing a lot of duplicate keys when tested in batches of 10k (anywhere from 2 to 6). The use of str_random yielded no duplicates even at scales of 100k keys that were 8 characters.	2017-09-13 23:07:02 -05:00
Dane Everitt	e045ef443a	Should wrap up the base landing page stuff for accounts, next step is server rendering	2017-08-30 21:11:14 -05:00

Renamed from app/Services/Api/KeyService.php (Browse further)