From 0014745d4ad0c5e95e4ebced95062a6272359bf5 Mon Sep 17 00:00:00 2001
From: Bharat Mediratta <bharat@menalto.com>
Date: Sun, 8 Aug 2010 21:49:30 -0700
Subject: Add a button to the user profile page to let you reset your REST API
 key.  This is useful if you think it's been compromised in some way. Fixes
 ticket #1226.

---
 modules/rest/helpers/rest.php | 10 ++++++++++
 1 file changed, 10 insertions(+)

(limited to 'modules/rest/helpers/rest.php')

diff --git a/modules/rest/helpers/rest.php b/modules/rest/helpers/rest.php
index 73d09c64..333daf95 100644
--- a/modules/rest/helpers/rest.php
+++ b/modules/rest/helpers/rest.php
@@ -87,6 +87,16 @@ class rest_Core {
     identity::set_active_user($user);
   }
 
+  static function reset_access_key() {
+    $key = ORM::factory("user_access_key")
+      ->where("user_id", "=", identity::active_user()->id)
+      ->find();
+    if ($key->loaded()) {
+      $key->delete();
+    }
+    return rest::access_key();
+  }
+
   static function access_key() {
     $key = ORM::factory("user_access_key")
       ->where("user_id", "=", identity::active_user()->id)
-- 
cgit v1.2.3