Main difference is permissions, cleaner UI for normal users, and account keys use permissions assigned to servers and subusers while application keys use R/W ACLs stored in the key table.
Previously, a single key was used to access the API, this has not changed in terms of what the user sees. However, API keys now use an identifier and token internally. The identifier is the first 16 characters of the key, and the token is the remaining 32. The token is stored encrypted at rest in the database and the identifier is used by the API middleware to grab that record and make a timing attack safe comparison.
* Fix @param namespaces for PHPDocs in ServerPolicy
* Reduce permission check duplication in ServerPolicy
This introduces a new checkPermission method to reduce code duplication when checking for permissions.
* Simplify logic to list accessible servers for the user
We can directly use the pluck function that laravel collections provide to simplify the logic.
* Fix pagination issue when databases/servers exceed 20
Laravels strips out the currently selected tab (or any GET query for that matter) by default when using pagination. the appends() methods helps with keeping that information.
* Refactor unnecessary array_merge calls
We can just append to the array instead of constantly merging a new copy.
* Fix accessing “API Access” on some versions of PHP
The “new” word is reserved and should not be used as a method name.
http://stackoverflow.com/questions/9575590/why-am-i-getting-an-unexpected-t-new-error-in-php
* Fix revoking API keys on older versions of php (5.6)
“string” was not a valid function argument type yet, so revoking keys results in an error on older installations.
* Fix issues with API due to methods named “list”
“list” is yet another reserved keyword in PHP and messes up older installations of PHP (5.6).
This renames all methods named “list” to “lists”. The API route names are left untouched (e.g. still called “api.admin.users.list”).
* Refactor and shorten some API logic
Used laravel collection methods where applicable to directly transform the values instead of converting back and forth.
This also removes some dead variables that were never used as well as getting rid of a n+1 problem in the Service API (loading service variables afterwards, not during the model creation).
* Return model save status in repositories where applicable
* Fix typo in ServicePolicy#powerStart
* Apply StyleCI corrections