From 0014745d4ad0c5e95e4ebced95062a6272359bf5 Mon Sep 17 00:00:00 2001
From: Bharat Mediratta <bharat@menalto.com>
Date: Sun, 8 Aug 2010 21:49:30 -0700
Subject: Add a button to the user profile page to let you reset your REST API
 key.  This is useful if you think it's been compromised in some way. Fixes
 ticket #1226.

---
 modules/rest/controllers/rest.php | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

(limited to 'modules/rest/controllers')

diff --git a/modules/rest/controllers/rest.php b/modules/rest/controllers/rest.php
index bf2f0a54..a721ff2b 100644
--- a/modules/rest/controllers/rest.php
+++ b/modules/rest/controllers/rest.php
@@ -37,6 +37,22 @@ class Rest_Controller extends Controller {
     rest::reply(rest::access_key());
   }
 
+  public function reset_api_key_confirm() {
+    $form = new Forge("rest/reset_api_key", "", "post", array("id" => "g-reset-api-key"));
+    $group = $form->group("confirm_reset")->label(t("Confirm resetting your REST API key"));
+    $group->submit("")->value(t("Reset"));
+    $v = new View("reset_api_key_confirm.html");
+    $v->form = $form;
+    print $v;
+  }
+
+  public function reset_api_key() {
+    access::verify_csrf();
+    rest::reset_access_key();
+    message::success(t("Your REST API key has been reset."));
+    json::reply(array("result" => "success"));
+  }
+
   public function __call($function, $args) {
     try {
       $input = Input::instance();
-- 
cgit v1.2.3