diff --git a/app/Api/ApiToken.php b/app/Api/ApiToken.php
index 5c2d591e4..ca89c813e 100644
--- a/app/Api/ApiToken.php
+++ b/app/Api/ApiToken.php
@@ -52,4 +52,12 @@ class ApiToken extends Model implements Loggable
{
return "({$this->id}) {$this->name}; User: {$this->user->logDescriptor()}";
}
+
+ /**
+ * Get the URL for managing this token.
+ */
+ public function getUrl(string $path = ''): string
+ {
+ return url("/api-tokens/{$this->user_id}/{$this->id}/" . trim($path, '/'));
+ }
}
diff --git a/app/Api/UserApiTokenController.php b/app/Api/UserApiTokenController.php
index 8357420ee..7455be4ff 100644
--- a/app/Api/UserApiTokenController.php
+++ b/app/Api/UserApiTokenController.php
@@ -14,16 +14,17 @@ class UserApiTokenController extends Controller
/**
* Show the form to create a new API token.
*/
- public function create(int $userId)
+ public function create(Request $request, int $userId)
{
- // Ensure user is has access-api permission and is the current user or has permission to manage the current user.
$this->checkPermission('access-api');
$this->checkPermissionOrCurrentUser('users-manage', $userId);
+ $this->updateContext($request);
$user = User::query()->findOrFail($userId);
return view('users.api-tokens.create', [
'user' => $user,
+ 'back' => $this->getRedirectPath($user),
]);
}
@@ -60,14 +61,16 @@ class UserApiTokenController extends Controller
session()->flash('api-token-secret:' . $token->id, $secret);
$this->logActivity(ActivityType::API_TOKEN_CREATE, $token);
- return redirect($user->getEditUrl('/api-tokens/' . $token->id));
+ return redirect($token->getUrl());
}
/**
* Show the details for a user API token, with access to edit.
*/
- public function edit(int $userId, int $tokenId)
+ public function edit(Request $request, int $userId, int $tokenId)
{
+ $this->updateContext($request);
+
[$user, $token] = $this->checkPermissionAndFetchUserToken($userId, $tokenId);
$secret = session()->pull('api-token-secret:' . $token->id, null);
@@ -76,6 +79,7 @@ class UserApiTokenController extends Controller
'token' => $token,
'model' => $token,
'secret' => $secret,
+ 'back' => $this->getRedirectPath($user),
]);
}
@@ -97,7 +101,7 @@ class UserApiTokenController extends Controller
$this->logActivity(ActivityType::API_TOKEN_UPDATE, $token);
- return redirect($user->getEditUrl('/api-tokens/' . $token->id));
+ return redirect($token->getUrl());
}
/**
@@ -123,7 +127,7 @@ class UserApiTokenController extends Controller
$this->logActivity(ActivityType::API_TOKEN_DELETE, $token);
- return redirect($user->getEditUrl('#api_tokens'));
+ return redirect($this->getRedirectPath($user));
}
/**
@@ -142,4 +146,30 @@ class UserApiTokenController extends Controller
return [$user, $token];
}
+
+ /**
+ * Update the context for where the user is coming from to manage API tokens.
+ * (Track of location for correct return redirects)
+ */
+ protected function updateContext(Request $request): void
+ {
+ $context = $request->query('context');
+ if ($context) {
+ session()->put('api-token-context', $context);
+ }
+ }
+
+ /**
+ * Get the redirect path for the current api token editing session.
+ * Attempts to recall the context of where the user is editing from.
+ */
+ protected function getRedirectPath(User $relatedUser): string
+ {
+ $context = session()->get('api-token-context');
+ if ($context === 'settings') {
+ return $relatedUser->getEditUrl('#api_tokens');
+ }
+
+ return url('/my-account/auth#api_tokens');
+ }
}
diff --git a/resources/views/users/account/auth.blade.php b/resources/views/users/account/auth.blade.php
index 3503978cf..d6f85093b 100644
--- a/resources/views/users/account/auth.blade.php
+++ b/resources/views/users/account/auth.blade.php
@@ -82,6 +82,6 @@
@endif
@if(userCan('access-api'))
- @include('users.api-tokens.parts.list', ['user' => user()])
+ @include('users.api-tokens.parts.list', ['user' => user(), 'context' => 'my-account'])
@endif
@stop
diff --git a/resources/views/users/api-tokens/create.blade.php b/resources/views/users/api-tokens/create.blade.php
index 9cf772082..8250c5ae8 100644
--- a/resources/views/users/api-tokens/create.blade.php
+++ b/resources/views/users/api-tokens/create.blade.php
@@ -7,8 +7,8 @@
<main class="card content-wrap auto-height">
<h1 class="list-heading">{{ trans('settings.user_api_token_create') }}</h1>
- <form action="{{ $user->getEditUrl('/create-api-token') }}" method="post">
- {!! csrf_field() !!}
+ <form action="{{ url('/api-tokens/' . $user->id . '/create') }}" method="post">
+ {{ csrf_field() }}
<div class="setting-list">
@include('users.api-tokens.parts.form')
@@ -21,7 +21,7 @@
</div>
<div class="form-group text-right">
- <a href="{{ $user->getEditUrl('#api_tokens') }}" class="button outline">{{ trans('common.cancel') }}</a>
+ <a href="{{ $back }}" class="button outline">{{ trans('common.cancel') }}</a>
<button class="button" type="submit">{{ trans('common.save') }}</button>
</div>
diff --git a/resources/views/users/api-tokens/delete.blade.php b/resources/views/users/api-tokens/delete.blade.php
index 45f0e2fa0..2b9a29e6a 100644
--- a/resources/views/users/api-tokens/delete.blade.php
+++ b/resources/views/users/api-tokens/delete.blade.php
@@ -11,11 +11,11 @@
<div class="grid half">
<p class="text-neg"><strong>{{ trans('settings.user_api_token_delete_confirm') }}</strong></p>
<div>
- <form action="{{ $user->getEditUrl('/api-tokens/' . $token->id) }}" method="POST" class="text-right">
- {!! csrf_field() !!}
- {!! method_field('delete') !!}
+ <form action="{{ $token->getUrl() }}" method="POST" class="text-right">
+ {{ csrf_field() }}
+ {{ method_field('delete') }}
- <a href="{{ $user->getEditUrl('/api-tokens/' . $token->id) }}" class="button outline">{{ trans('common.cancel') }}</a>
+ <a href="{{ $token->getUrl() }}" class="button outline">{{ trans('common.cancel') }}</a>
<button type="submit" class="button">{{ trans('common.confirm') }}</button>
</form>
</div>
diff --git a/resources/views/users/api-tokens/edit.blade.php b/resources/views/users/api-tokens/edit.blade.php
index 61c1ac2a6..aa3e49ded 100644
--- a/resources/views/users/api-tokens/edit.blade.php
+++ b/resources/views/users/api-tokens/edit.blade.php
@@ -7,9 +7,9 @@
<main class="card content-wrap auto-height">
<h1 class="list-heading">{{ trans('settings.user_api_token') }}</h1>
- <form action="{{ $user->getEditUrl('/api-tokens/' . $token->id) }}" method="post">
- {!! method_field('put') !!}
- {!! csrf_field() !!}
+ <form action="{{ $token->getUrl() }}" method="post">
+ {{ method_field('put') }}
+ {{ csrf_field() }}
<div class="setting-list">
@@ -52,8 +52,8 @@
</div>
<div class="form-group text-right">
- <a href="{{ $user->getEditUrl('#api_tokens') }}" class="button outline">{{ trans('common.back') }}</a>
- <a href="{{ $user->getEditUrl('/api-tokens/' . $token->id . '/delete') }}" class="button outline">{{ trans('settings.user_api_token_delete') }}</a>
+ <a href="{{ $back }}" class="button outline">{{ trans('common.back') }}</a>
+ <a href="{{ $token->getUrl('/delete') }}" class="button outline">{{ trans('settings.user_api_token_delete') }}</a>
<button class="button" type="submit">{{ trans('common.save') }}</button>
</div>
</div>
diff --git a/resources/views/users/api-tokens/parts/list.blade.php b/resources/views/users/api-tokens/parts/list.blade.php
index 3081682a4..70aaa58f3 100644
--- a/resources/views/users/api-tokens/parts/list.blade.php
+++ b/resources/views/users/api-tokens/parts/list.blade.php
@@ -4,7 +4,7 @@
<div class="text-right pt-xs">
@if(userCan('access-api'))
<a href="{{ url('/api/docs') }}" class="button outline">{{ trans('settings.users_api_tokens_docs') }}</a>
- <a href="{{ $user->getEditUrl('/create-api-token') }}" class="button outline">{{ trans('settings.users_api_tokens_create') }}</a>
+ <a href="{{ url('/api-tokens/' . $user->id . '/create?context=' . $context) }}" class="button outline">{{ trans('settings.users_api_tokens_create') }}</a>
@endif
</div>
</div>
@@ -14,7 +14,7 @@
@foreach($user->apiTokens as $token)
<div class="item-list-row flex-container-row items-center wrap py-xs gap-x-m">
<div class="flex px-m py-xs min-width-m">
- <a href="{{ $user->getEditUrl('/api-tokens/' . $token->id) }}">{{ $token->name }}</a> <br>
+ <a href="{{ $token->getUrl("?context={$context}") }}">{{ $token->name }}</a> <br>
<span class="small text-muted italic">{{ $token->token_id }}</span>
</div>
<div class="flex flex-container-row items-center min-width-m">
@@ -23,7 +23,7 @@
{{ $token->expires_at->format('Y-m-d') ?? '' }}
</div>
<div class="flex px-m py-xs text-right">
- <a class="button outline small" href="{{ $user->getEditUrl('/api-tokens/' . $token->id) }}">{{ trans('common.edit') }}</a>
+ <a class="button outline small" href="{{ $token->getUrl("?context={$context}") }}">{{ trans('common.edit') }}</a>
</div>
</div>
</div>
diff --git a/resources/views/users/edit.blade.php b/resources/views/users/edit.blade.php
index 1254a1330..076b28c74 100644
--- a/resources/views/users/edit.blade.php
+++ b/resources/views/users/edit.blade.php
@@ -100,7 +100,7 @@
</section>
@endif
- @include('users.api-tokens.parts.list', ['user' => $user])
+ @include('users.api-tokens.parts.list', ['user' => $user, 'context' => 'settings'])
</div>
@stop
diff --git a/routes/web.php b/routes/web.php
index 69ce5167c..c2f4891b8 100644
--- a/routes/web.php
+++ b/routes/web.php
@@ -251,12 +251,12 @@ Route::middleware('auth')->group(function () {
Route::patch('/preferences/update-code-language-favourite', [UserControllers\UserPreferencesController::class, 'updateCodeLanguageFavourite']);
// User API Tokens
- Route::get('/settings/users/{userId}/create-api-token', [UserApiTokenController::class, 'create']);
- Route::post('/settings/users/{userId}/create-api-token', [UserApiTokenController::class, 'store']);
- Route::get('/settings/users/{userId}/api-tokens/{tokenId}', [UserApiTokenController::class, 'edit']);
- Route::put('/settings/users/{userId}/api-tokens/{tokenId}', [UserApiTokenController::class, 'update']);
- Route::get('/settings/users/{userId}/api-tokens/{tokenId}/delete', [UserApiTokenController::class, 'delete']);
- Route::delete('/settings/users/{userId}/api-tokens/{tokenId}', [UserApiTokenController::class, 'destroy']);
+ Route::get('/api-tokens/{userId}/create', [UserApiTokenController::class, 'create']);
+ Route::post('/api-tokens/{userId}/create', [UserApiTokenController::class, 'store']);
+ Route::get('/api-tokens/{userId}/{tokenId}', [UserApiTokenController::class, 'edit']);
+ Route::put('/api-tokens/{userId}/{tokenId}', [UserApiTokenController::class, 'update']);
+ Route::get('/api-tokens/{userId}/{tokenId}/delete', [UserApiTokenController::class, 'delete']);
+ Route::delete('/api-tokens/{userId}/{tokenId}', [UserApiTokenController::class, 'destroy']);
// Roles
Route::get('/settings/roles', [UserControllers\RoleController::class, 'index']);