Merge pull request #4466 from beganovich/v4-support-for-api-key

(v4) Add support for X-Api-Token in migration
2025-11-04 04:07:32 -05:00 · 2020-12-14 10:12:34 +01:00 · 2020-12-14 10:12:34 +01:00 · d35b5f66ad
commit d35b5f66ad
parent 39a58f909e 40bb6ad9ab
5 changed files with 49 additions and 7 deletions
--- a/app/Http/Controllers/Migration/StepsController.php
+++ b/app/Http/Controllers/Migration/StepsController.php
@ -124,12 +124,13 @@ class StepsController extends BaseController
            return back()->with('responseErrors', [trans('texts.cross_migration_message')]);
        }

-        $authentication = (new AuthService($request->email, $request->password))
+        $authentication = (new AuthService($request->email, $request->password, $request->has('api_secret') ? $request->api_secret : null))
            ->endpoint(session('MIGRATION_ENDPOINT'))
            ->start();

        if ($authentication->isSuccessful()) {
            session()->put('MIGRATION_ACCOUNT_TOKEN', $authentication->getAccountToken());
+            session()->put('MIGRAITON_API_SECRET', $authentication->getApiSecret());

            return redirect(
                url('/migration/companies')
--- a/app/Services/Migration/AuthService.php
+++ b/app/Services/Migration/AuthService.php
@ -1,5 +1,16 @@
 <?php

+/**
+ * Invoice Ninja (https://invoiceninja.com).
+ *
+ * @link https://github.com/invoiceninja/invoiceninja source repository
+ *
+ * @copyright Copyright (c) 2020. Invoice Ninja LLC (https://invoiceninja.com)
+ *
+ * @license https://opensource.org/licenses/AAL
+ */
+
+
 namespace App\Services\Migration;

 use Unirest\Request;
@ -9,17 +20,21 @@ class AuthService
 {
    protected $username;
    protected $password;
+    protected $apiSecret;
+
    protected $endpoint = 'https://app.invoiceninja.com';
    protected $uri = '/api/v1/login?include=token';
+
    protected $errors = [];
    protected $token;
    protected $isSuccessful;


-    public function __construct(string $username, string $password)
+    public function __construct(string $username, string $password, string $apiSecret = null)
    {
        $this->username = $username;
        $this->password = $password;
+        $this->apiSecret = $apiSecret;
    }

    public function endpoint(string $endpoint)
@ -72,6 +87,10 @@ class AuthService
        return null;
    }

+    public function getApiSecret()
+    {
+        return $this->apiSecret;
+    }

    public function getErrors()
    {
@ -80,10 +99,16 @@ class AuthService

    private function getHeaders()
    {
-        return [
+        $headers = [
            'X-Requested-With' => 'XMLHttpRequest',
            'Content-Type' => 'application/json',
        ];
+
+        if (!is_null($this->apiSecret)) {
+            $headers['X-Api-Secret'] = $this->apiSecret;
+        }
+
+        return $headers;
    }

    private function getUrl()
--- a/app/Services/Migration/CompleteService.php
+++ b/app/Services/Migration/CompleteService.php
@ -87,11 +87,17 @@ class CompleteService

    private function getHeaders()
    {
-        return [
+        $headers =  [
            'X-Requested-With' => 'XMLHttpRequest',
            'X-Api-Token' => $this->token,
            'Content-Type' => 'multipart/form-data',
        ];
+
+        if (session('MIGRATION_API_SECRET')) {
+            $headers['X-Api-Secret'] = session('MIGRATION_API_SECRET');
+        }
+
+        return $headers;
    }

    private function getUrl()
--- a/resources/lang/en/texts.php
+++ b/resources/lang/en/texts.php
@ -3816,6 +3816,9 @@ $LANG = array(
    'activity_65' => ':user emailed third reminder for invoice :invoice to :contact',
    'activity_66' => ':user emailed endless reminder for invoice :invoice to :contact',
    'expense_category_id' => 'Expense Category ID',
+    'migration_auth_label' => 'Let\'s continue by authenticating.',
+    'api_secret' => 'API secret',
+    'migration_api_secret_notice' => 'You can find API_SECRET in the .env file or Invoice Ninja v5. If property is missing, leave field blank.',
    'view_licenses' => 'View Licenses',
    'fullscreen_editor' => 'Fullscreen Editor',
    'sidebar_editor' => 'Sidebar Editor',
--- a/resources/views/migration/auth.blade.php
+++ b/resources/views/migration/auth.blade.php
@ -11,18 +11,25 @@
            <h3 class="panel-title">{!! trans('texts.welcome_to_the_new_version') !!}</h3>
        </div>
        <div class="panel-body">
-            <h4>Let's continue with authentication.</h4><br/>
+            <h4>{!! trans('texts.migration_auth_label') !!}</h4><br/>
            <form action="{{ url('/migration/auth') }}" method="post" id="auth-form">
                {{ csrf_field() }}
+
                <div class="form-group">
-                    <label for="email">E-mail address</label>
+                    <label for="email">{!! trans('texts.email_address') !!} *</label>
                    <input type="email" name="email" class="form form-control">
                </div>

                <div class="form-group">
-                    <label for="password">Password</label>
+                    <label for="password">{!! trans('texts.password') !!} *</label>
                    <input type="password" name="password" class="form form-control">
                </div>
+
+                <div class="form-group">
+                    <label for="api_secret">{!! trans('texts.api_secret') !!}</label>
+                    <input type="api_secret" name="api_secret" class="form form-control">
+                    <small>{!! trans('texts.migration_api_secret_notice') !!}</small>
+                </div>
            </form>
        </div>
        <div class="panel-footer text-right">