Diffstat (limited to 'perllib/FixMyStreet/App/Controller')
-rw-r--r--perllib/FixMyStreet/App/Controller/Auth.pm2
-rw-r--r--perllib/FixMyStreet/App/Controller/Auth/Profile.pm22
-rw-r--r--perllib/FixMyStreet/App/Controller/Dashboard.pm4
3 files changed, 28 insertions, 0 deletions
diff --git a/perllib/FixMyStreet/App/Controller/Auth.pm b/perllib/FixMyStreet/App/Controller/Auth.pm
index 80e407147..455022e03 100644
--- a/perllib/FixMyStreet/App/Controller/Auth.pm
+++ b/perllib/FixMyStreet/App/Controller/Auth.pm
@@ -419,6 +419,8 @@ Mainly intended for testing but might also be useful for ajax calls.
sub check_auth : Local {
my ( $self, $c ) = @_;
+ $c->authenticate(undef, 'access_token') unless $c->user;
+
# choose the response
my ( $body, $code ) #
= $c->user
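Review bot: The added `$c->authenticate(undef, 'access_token') unless $c->user;` in check_auth passes no credentials, so where the token is read from and whether a successful token login is persisted into a session are decided entirely by the `access_token` realm, which this hunk does not show. A one-line comment above the call would make that explicit, e.g. `# token is read from the request by the access_token realm; on failure $c->user stays unset`. If the realm accepts the token as a URL parameter, it is likely to end up in access logs and Referer headers, so it is worth confirming that a header is the preferred carrier. The body of check_auth continues past the end of the hunk.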
diff --git a/perllib/FixMyStreet/App/Controller/Auth/Profile.pm b/perllib/FixMyStreet/App/Controller/Auth/Profile.pm
index acffd3019..5e6fe6266 100644
--- a/perllib/FixMyStreet/App/Controller/Auth/Profile.pm
+++ b/perllib/FixMyStreet/App/Controller/Auth/Profile.pm
@@ -4,6 +4,8 @@ use namespace::autoclean;
BEGIN { extends 'Catalyst::Controller'; }
+use mySociety::AuthToken;
+
=head1 NAME
FixMyStreet::App::Controller::Auth::Profile - Catalyst Controller
@@ -146,6 +148,26 @@ sub change_phone_success : Path('/auth/change_phone/success') {
$c->res->redirect('/my');
}
+sub generate_token : Path('/auth/generate_token') {
+ my ($self, $c) = @_;
+
+ $c->detach( '/page_error_403_access_denied', [] )
+ unless $c->user and ( $c->user->is_superuser or $c->user->from_body );
+
+ $c->stash->{template} = 'auth/generate_token.html';
+ $c->forward('/auth/get_csrf_token');
+
+ if ($c->req->method eq 'POST') {
+ $c->forward('/auth/check_csrf_token');
+ my $token = mySociety::AuthToken::random_token();
+ $c->user->set_extra_metadata('access_token', $token);
+ $c->user->update();
+ $c->stash->{token_generated} = 1;
+ }
+
+ $c->stash->{existing_token} = $c->user->get_extra_metadata('access_token');
+}
+
__PACKAGE__->meta->make_immutable;
1;
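Review bot: generate_token stores the raw secret with `set_extra_metadata('access_token', $token)` and then copies it into `existing_token` on every request, so the bearer token sits in plaintext in the user's metadata and is presumably re-rendered on each visit to the page. Consider stashing the token for display only inside the POST branch, and storing a digest that the `access_token` realm compares against, so that a read of the users table does not yield usable tokens. There is also no branch that clears the token, so a leaked token can be replaced but not revoked without issuing a new one. Whether `mySociety::AuthToken::random_token()` draws from a cryptographically secure source is not visible here and should be confirmed. A short comment on why access is limited to superusers and body users would help the next reader.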
diff --git a/perllib/FixMyStreet/App/Controller/Dashboard.pm b/perllib/FixMyStreet/App/Controller/Dashboard.pm
index bc9e78333..834d9c8d6 100644
--- a/perllib/FixMyStreet/App/Controller/Dashboard.pm
+++ b/perllib/FixMyStreet/App/Controller/Dashboard.pm
@@ -76,6 +76,10 @@ Show the summary statistics table.
sub index : Path : Args(0) {
my ( $self, $c ) = @_;
+ if ($c->get_param('export')) {
+ $c->authenticate(undef, "access_token");
+ }
+
my $body = $c->stash->{body} = $c->forward('check_page_allowed');
if ($body) {
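Review bot: Unlike check_auth, the export branch in index calls `$c->authenticate(undef, "access_token")` even when a session user is already present, so a request carrying both a session cookie and a token may switch identity mid-request, depending on how the realm behaves. Guarding it the same way keeps the two call sites consistent: `$c->authenticate(undef, 'access_token') if $c->get_param('export') and not $c->user;`. The return value is ignored, which is safe only because `check_page_allowed` on the following line still enforces access; a comment saying so would stop a later refactor from moving the export path ahead of that check. index continues beyond the end of the hunk.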