added encryption to the first functions

This commit is contained in:
tracer 2022-09-29 19:23:47 +02:00
parent 19576dd6b7
commit 402934f02c
1 changed files with 629 additions and 622 deletions

View File

@ -63,6 +63,8 @@ class RequestController
* @param DomainRepository $domainRepository
* @param DynDNSRepository $dynDNSRepository
* @param PanelRepository $panelRepository
* @param ConfigController $configController
* @param EncryptionController $encryptionController
* @param Logger $logger
*/
public function __construct(
@ -72,6 +74,8 @@ class RequestController
private readonly DomainRepository $domainRepository,
private readonly DynDNSRepository $dynDNSRepository,
private readonly PanelRepository $panelRepository,
private readonly ConfigController $configController,
private readonly EncryptionController $encryptionController,
private readonly Logger $logger)
{
$this->status = '';
@ -296,8 +300,11 @@ class RequestController
} else {
[$prefix,] = explode(separator: '.', string: $apiKey);
if ($apiResult = $this->apikeyRepository->findByPrefix(prefix: $prefix)) {
$storedHash = $apiResult->getApiToken();
if (!password_verify(password: $apiKey, hash: $storedHash)) {
$encryptedHash = $apiResult->getApikey();
$encryptionKey = $this->configController->getConfig(configKey: 'encryptionKey');
$decryptedHash = $this->encryptionController->safeDecrypt(encrypted: $encryptedHash, key: $encryptionKey);
if (!password_verify(password: $apiKey, hash: $decryptedHash)) {
$this->status = "401 Unauthorized";
$this->message = "API key mismatch.";
return false;