diff --git a/src/Controller/UserController.php b/src/Controller/UserController.php
index 07794733..1564ac79 100644
--- a/src/Controller/UserController.php
+++ b/src/Controller/UserController.php
@@ -47,7 +47,6 @@ use Symfony\Component\HttpKernel\Exception\NotFoundHttpException;
 use Symfony\Component\Security\Core\Exception\AccessDeniedException;
 use Symfony\Component\Security\Core\User\UserInterface;
-use Symfony\Component\Security\Http\Attribute\IsGranted;
 /**
 * @author Jordi Boggiano
@@ -78,6 +77,25 @@ public function showAction(Request $request): Response
 ]);
 }
+ #[Route('/profile/regenerate-token', name: 'profile_regenerate_token')]
+
+ public function regenerateToken(Request $request): Response
+ {
+ $user = $this->getUser();
+ if (!$user instanceof User) {
+ throw $this->createNotFoundException();
+ }
+
+ if (!$this->isCsrfTokenValid('token', $request->query->get('_token'))) {
+ return new Response('Invalid Csrf Params', 400);
+ }
+
+ $user->generateApiToken();
+ $this->getEM()->flush();
+
+ return $this->redirectToRoute('profile_show');
+ }
+
 #[Route('/profile/edit', name: 'profile_edit')]
 public function editAction(Request $request): Response
 {
diff --git a/templates/profile/show.html.twig b/templates/profile/show.html.twig
index 9a5cfdda..ce67f356 100644
--- a/templates/profile/show.html.twig
+++ b/templates/profile/show.html.twig
@@ -6,6 +6,8 @@
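Review bot: `regenerateToken` accepts any HTTP method and reads the CSRF token from the query string (`$request->query->get('_token')`), so rotating the API token is a state change reachable over GET, with the CSRF token carried in the URL where it can be recorded in access logs, browser history and Referer headers. Restrict the route with `#[Route('/profile/regenerate-token', name: 'profile_regenerate_token', methods: ['POST'])]` and read the token from the request body with `$request->request->get('_token')`. The "Regenerate token" control added in templates/profile/show.html.twig would then have to submit a POST form instead of a link; its markup is not visible here, so that it is currently a link is inferred from the query-string read. The CSRF token id `'token'` is also generic, and an action-specific id (for example `'regenerate_api_token'`, used in both the controller and the template) would keep this token from validating for any other action that happens to use the same id.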
{% set isMaintainer = is_granted('ROLE_MAINTAINER') %} {% set apiToken = get_api_token(app.user, false, true) %} + {% set token = csrf_token('token') %} + {%- if apiToken is not null %}

{{ 'profile.your_api_token'|trans }}

@@ -15,6 +17,7 @@ + Regenerate token

You need to authenticate to access their Composer repository, for example to enter credentials run command:

composer config --global --auth http-basic.{{ app.request.getHttpHost() }} {{ user.userIdentifier }} {{ show_api_token(apiToken) }}