Mirrors/invoiceninja
1
0
Fork 0
mirror of https://github.com/invoiceninja/invoiceninja.git synced 2024-09-19 16:01:34 +02:00
Code Issues Releases Activity

API error reporting (#1276)

Browse Source 
* fix env variable

* update routes

* Improve error handling for API_SECRET when testing API endpoint credentials
This commit is contained in:
David Bomba 2017-01-11 18:34:29 +11:00 committed by GitHub
parent bf2248c33a
commit 3c19ac08cd
2 changed files with 8 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
app/Http/Controllers/AccountApiController.php
View File

@ -27,11 +27,14 @@ class AccountApiController extends BaseAPIController
$this->accountRepo = $accountRepo;
}
public function ping()
public function ping(Request $request)
{
$headers = Utils::getApiHeaders();
return Response::make(RESULT_SUCCESS, 200, $headers);
if(hash_equals(env(API_SECRET),$request->api_secret))
return Response::make(RESULT_SUCCESS, 200, $headers);
else
return $this->errorResponse(['message'=>'API Secret does not match .env variable'], 400);
}
public function register(RegisterRequest $request)

6
app/Http/Middleware/ApiCheck.php
View File

@ -38,7 +38,7 @@ class ApiCheck {
// check API secret
if ( ! $hasApiSecret) {
sleep(ERROR_DELAY);
return Response::json('Invalid value for API_SECRET', 403, $headers);
return Response::json(['message'=>'Invalid value for API_SECRET'], 403, $headers);
}
} else {
// check for a valid token
@ -50,7 +50,7 @@ class ApiCheck {
Session::set('token_id', $token->id);
} else {
sleep(ERROR_DELAY);
return Response::json('Invalid token', 403, $headers);
return Response::json(['message'=>'Invalid token'], 403, $headers);
}
}
@ -59,7 +59,7 @@ class ApiCheck {
}
if (!Utils::hasFeature(FEATURE_API) && !$hasApiSecret) {
return Response::json('API requires pro plan', 403, $headers);
return Response::json(['message'=>'API requires pro plan'], 403, $headers);
} else {
$key = Auth::check() ? Auth::user()->account->id : $request->getClientIp();