mirror of
https://github.com/invoiceninja/invoiceninja.git
synced 2024-11-09 20:52:56 +01:00
Merge branch 'develop' of github.com:invoiceninja/invoiceninja into develop
This commit is contained in:
commit
6880e3abd2
@ -351,7 +351,8 @@ if (!defined('APP_NAME'))
|
||||
define('DEFAULT_API_PAGE_SIZE', 15);
|
||||
define('MAX_API_PAGE_SIZE', 500);
|
||||
|
||||
define('IOS_PUSH_CERTIFICATE', env('IOS_PUSH_CERTIFICATE', ''));
|
||||
define('IOS_DEVICE', env('IOS_DEVICE', ''));
|
||||
define('ANDROID_DEVICE', env('ANDROID_DEVICE', ''));
|
||||
|
||||
define('TOKEN_BILLING_DISABLED', 1);
|
||||
define('TOKEN_BILLING_OPT_IN', 2);
|
||||
|
@ -27,11 +27,14 @@ class AccountApiController extends BaseAPIController
|
||||
$this->accountRepo = $accountRepo;
|
||||
}
|
||||
|
||||
public function ping()
|
||||
public function ping(Request $request)
|
||||
{
|
||||
$headers = Utils::getApiHeaders();
|
||||
|
||||
if(hash_equals(env(API_SECRET),$request->api_secret))
|
||||
return Response::make(RESULT_SUCCESS, 200, $headers);
|
||||
else
|
||||
return $this->errorResponse(['message'=>'API Secret does not match .env variable'], 400);
|
||||
}
|
||||
|
||||
public function register(RegisterRequest $request)
|
||||
|
@ -25,7 +25,9 @@ class ApiCheck {
|
||||
{
|
||||
$loggingIn = $request->is('api/v1/login')
|
||||
|| $request->is('api/v1/register')
|
||||
|| $request->is('api/v1/oauth_login');
|
||||
|| $request->is('api/v1/oauth_login')
|
||||
|| $request->is('api/v1/ping');
|
||||
|
||||
$headers = Utils::getApiHeaders();
|
||||
$hasApiSecret = false;
|
||||
|
||||
@ -38,7 +40,8 @@ class ApiCheck {
|
||||
// check API secret
|
||||
if ( ! $hasApiSecret) {
|
||||
sleep(ERROR_DELAY);
|
||||
return Response::json('Invalid value for API_SECRET', 403, $headers);
|
||||
$error['error'] = ['message'=>'Invalid value for API_SECRET'];
|
||||
return Response::json($error, 403, $headers);
|
||||
}
|
||||
} else {
|
||||
// check for a valid token
|
||||
@ -50,7 +53,8 @@ class ApiCheck {
|
||||
Session::set('token_id', $token->id);
|
||||
} else {
|
||||
sleep(ERROR_DELAY);
|
||||
return Response::json('Invalid token', 403, $headers);
|
||||
$error['error'] = ['message'=>'Invalid token'];
|
||||
return Response::json($error, 403, $headers);
|
||||
}
|
||||
}
|
||||
|
||||
@ -59,7 +63,8 @@ class ApiCheck {
|
||||
}
|
||||
|
||||
if (!Utils::hasFeature(FEATURE_API) && !$hasApiSecret) {
|
||||
return Response::json('API requires pro plan', 403, $headers);
|
||||
$error['error'] = ['message'=>'API requires pro plan'];
|
||||
return Response::json($error, 403, $headers);
|
||||
} else {
|
||||
$key = Auth::check() ? Auth::user()->account->id : $request->getClientIp();
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user