AS1024/itflow
1
0
Fork 0
mirror of https://github.com/itflow-org/itflow synced 2026-02-28 10:54:52 +00:00
Code Issues Packages Projects Releases Wiki Activity

Initial WIP: Allow decrypting logins/credentials via the API

Browse Source
This commit is contained in:
wrongecho
2024-08-19 21:23:43 +01:00
parent 86e3f377ab
commit 63feff03d2
7 changed files with 129 additions and 58 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
post/api.php
View File

@@ -11,10 +11,14 @@ if (isset($_POST['add_api_key'])) {
// CSRF Check
validateCSRFToken($_POST['csrf_token']);
$secret = sanitizeInput($_POST['key']);
$name = sanitizeInput($_POST['name']);
$expire = sanitizeInput($_POST['expire']);
$client = intval($_POST['client']);
$secret = sanitizeInput($_POST['key']); // API Key
// Credential decryption password
$password = password_hash(trim($_POST['password']), PASSWORD_DEFAULT);
$apikey_specific_encryption_ciphertext = encryptUserSpecificKey(trim($_POST['password']));
mysqli_query($mysqli,"INSERT INTO api_keys SET api_key_name = '$name', api_key_secret = '$secret', api_key_expire = '$expire', api_key_client_id = $client");