diff --git a/src/www/system_usermanager.php b/src/www/system_usermanager.php
index ca900a3e5..ae18ebb29 100644
--- a/src/www/system_usermanager.php
+++ b/src/www/system_usermanager.php
@@ -205,6 +205,33 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
gettext("association removed.");
redirectHeader("system_usermanager.php?savemsg=".$savemsg."&act=edit&userid=".$id);
exit;
+ } elseif ($act == "newApiKey" && isset($id)) {
+ // every action is using the sequence of the user, to keep it understandable, we will use
+ // the same strategy here (although we need a username to work with)
+ //
+ // the client side is (jquery) generates the actual download file.
+ $username = $a_user[$id]['name'];
+ $authFactory = new \OPNsense\Auth\AuthenticationFactory;
+ $authenticator = $authFactory->get("Local API");
+ $keyData = $authenticator->createKey($username);
+ if ($keyData != null) {
+ echo json_encode($keyData);
+ }
+ exit;
+ } elseif ($act =='delApiKey' && isset($id)) {
+ $username = $a_user[$id]['name'];
+ if (!empty($pconfig['api_delete'])) {
+ $authFactory = new \OPNsense\Auth\AuthenticationFactory;
+ $authenticator = $authFactory->get("Local API");
+ $authenticator->dropKey($username, $pconfig['api_delete']);
+ $savemsg = gettext("API key")." {$pconfig['api_delete']} ".
+ gettext("removed.");
+ } else {
+ $savemsg = gettext('No API key found');
+ }
+ // redirect
+ redirectHeader("system_usermanager.php?savemsg=".$savemsg."&act=edit&userid=".$id);
+ exit;
} elseif (isset($pconfig['save'])) {
// save user
/* input validation */
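Review bot: In the `delApiKey` branch, `$pconfig['api_delete']` (which appears to come straight from the submitted form) is concatenated into `$savemsg` and then into the redirect URL without encoding. A key containing `+`, `/`, `=` or `&` will corrupt the query string, and any markup in it reaches whatever renders `savemsg`, which is not visible here. Encode at the call site: `redirectHeader("system_usermanager.php?savemsg=".urlencode($savemsg)."&act=edit&userid=".$id);`. Both new branches also index `$a_user[$id]['name']` after only `isset($id)`, so a check that `$a_user[$id]` exists is worth adding before a key is created or dropped for an empty username. The if/elseif chain starts and ends outside the hunk.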
@@ -509,11 +536,12 @@ $( document ).ready(function() {
// remove user
$(".act-del-user").click(function(event){
var userid = $(this).data('userid');
+ var username = $(this).data('username');
event.preventDefault();
BootstrapDialog.show({
type:BootstrapDialog.TYPE_INFO,
title: "= gettext("User");?>",
- message: '=gettext("Do you really want to delete this user?");?>' + '
('+userid+")",
+ message: '=gettext("Do you really want to delete this user?");?>' + '
('+username+")",
buttons: [{
label: "= gettext("No");?>",
action: function(dialogRef) {
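Review bot: `username` is concatenated into the dialog `message`, which BootstrapDialog appears to insert as HTML (the message seems to carry a line-break tag at the point where the line is split). The name should be escaped first unless usernames are restricted to safe characters elsewhere, for example `var username = $('<div/>').text($(this).data('username')).html();`. The `data-username` attribute read here is not set in any visible hunk, so confirm the row markup provides it and escapes it for the attribute context. The click handler continues outside the hunk.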
@@ -521,7 +549,7 @@ $( document ).ready(function() {
}}, {
label: "= gettext("Yes");?>",
action: function(dialogRef) {
- $("#username").val(userid);
+ $("#userid").val(userid);
$("#act2").val("deluser");
$("#iform2").submit();
}
@@ -549,6 +577,53 @@ $( document ).ready(function() {
}
});
+
+ // generate a new API key for this user
+ $("#newApiKey").click(function(event){
+ event.preventDefault();
+ $.post(window.location, {act: 'newApiKey', userid: $("#userid").val() }, function(data) {
+ if (data['key'] != undefined) {
+ // only generate a key file if there's data
+ output_data = 'key='+data['key'] +'\n' + 'secret='+data['secret'] +'\n';
+ // create link, click and send to client
+ $('')
+ .attr('id','downloadFile')
+ .attr('href','data:text/csv;charset=utf8,' + encodeURIComponent(output_data))
+ .attr('download','apikey.ini')
+ .appendTo('body');
+
+ $('#downloadFile').ready(function() {
+ $('#downloadFile').get(0).click();
+ });
+ // reload form
+ location.reload();
+ }
+ },'json');
+ });
+
+ // delete API key
+ $(".act-del-api-key").click(function(event){
+ event.preventDefault();
+ var apiKey = $(this).data('key');
+ BootstrapDialog.show({
+ type:BootstrapDialog.TYPE_INFO,
+ title: "= gettext("User");?>",
+ message: '=gettext("Do you really want to delete this API key?");?>' + '
('+apiKey.substring(0,40)+"...)",
+ buttons: [{
+ label: "= gettext("No");?>",
+ action: function(dialogRef) {
+ dialogRef.close();
+ }}, {
+ label: "= gettext("Yes");?>",
+ action: function(dialogRef) {
+ $("#act").val("delApiKey");
+ $("#api_delete").val(apiKey);
+ $("#iform").submit();
+ }
+ }]
+ });
+ });
+
});
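Review bot: The `$.post` in the `#newApiKey` handler sends only `act` and `userid`, so unless a CSRF token is attached to AJAX requests globally elsewhere on the page, this key-creating request is not visibly protected the way the `#iform` submit used for deletion presumably is; confirm that before merging. Separately, `output_data` is assigned without `var`, which leaves the key and secret in a global; use `var output_data = 'key='+data['key'] +'\n' + 'secret='+data['secret'] +'\n';`. When the response has no `key` the handler does nothing, so the user gets no indication that creation failed.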
@@ -572,6 +647,7 @@ $( document ).ready(function() {
+
| + =gettext('key');?> + | ++ | +
|---|---|
| + + + + =$userApiKey['key'][0];?> + + | ++ + | +
| + | + + | +