Added endpoint /token/destroy/{token}

2011-09-05 02:31:37 -06:00 · 2011-09-05 02:31:37 -06:00 · 5192c07d6d
commit 5192c07d6d
parent 17683eaeaa
1 changed files with 21 additions and 4 deletions
--- a/TShockAPI/SecureRest.cs
+++ b/TShockAPI/SecureRest.cs
@ -17,12 +17,31 @@ namespace TShockAPI
        {
            Tokens = new Dictionary<string, object>();
            Register(new RestCommand("/token/new/{username}/{password}", newtoken) { RequiesToken = false });
+            Register(new RestCommand("/token/destroy/{token}", DestroyToken) {RequiesToken = true});
        }
+
+        object DestroyToken(RestVerbs verbs, IParameterCollection parameters)
+        {
+            var token = verbs["token"];
+            try
+            {
+                Tokens.Remove(token);
+            }
+            catch (Exception)
+            {
+                return new Dictionary<string, string> { { "status", "400" }, { "error", "The specified token queued for destruction failed to be deleted." } };
+            }
+            return new Dictionary<string, string> { { "status", "200" }, { "response", "Requested token was successfully destroyed." } };
+        }
+
        object newtoken(RestVerbs verbs, IParameterCollection parameters)
        {
            var user = verbs["username"];
            var pass = verbs["password"];

+            if (Verify != null && !Verify(user, pass))
+                return new Dictionary<string, string> { { "status", "401" } , { "error", "Invalid username/password combination provided. Please re-submit your query with a correct pair." } };
+
            var userAccount = TShock.Users.GetUserByName(user);
            if (userAccount == null)
            {
@ -36,12 +55,9 @@ namespace TShockAPI

            if (!Tools.GetGroup(userAccount.Group).HasPermission("api") && userAccount.Group != "superadmin")
            {
-                return new Dictionary<string, string> { { "status", "403" }, { "error", "Although your account was successfully found and identified, your account lacks the permission required to use the API. (api)"} };
+                return new Dictionary<string, string> { { "status", "403" }, { "error", "Although your account was successfully found and identified, your account lacks the permission required to use the API. (api)" } };
            }

-            if (Verify != null && !Verify(user, pass))
-                return new Dictionary<string, string> { { "status", "401" } , { "error", "Invalid username/password combination provided. Please re-submit your query with a correct pair." } };
-
            string hash = string.Empty;
            var rand = new Random();
            var randbytes = new byte[20];
@ -55,6 +71,7 @@ namespace TShockAPI

            return new Dictionary<string, string> { { "status", "200" } , { "token", hash } }; ;
        }
+
        protected override object ExecuteCommand(RestCommand cmd, RestVerbs verbs, IParameterCollection parms)
        {
            if (cmd.RequiesToken)