APIProfileForm.inc.php

<?php
 
use \Firebase\JWT\JWT;
 
import('lib.pkp.classes.user.form.BaseProfileForm');
 
class APIProfileForm extends BaseProfileForm {
 
   public function __construct($user) {
      parent::__construct('user/apiProfileForm.tpl', $user);
   }
 
   public function initData() {
      $user = $this->getUser();
      $this->setData('apiKeyEnabled', (bool) $user->getData('apiKeyEnabled'));
   }
 
   public function readInputData() {
      parent::readInputData();
 
      $this->readUserVars(array(
            'apiKeyEnabled', 'generateApiKey',
      ));
   }
 
   public function fetch($request, $template = null, $display = false) {
      $user = $request->getUser();
      $secret = Config::getVar('security', 'api_key_secret', '');
      if ($secret === '') {
         $notificationManager = new NotificationManager();
         $notificationManager->createTrivialNotification(
            $user->getId(), NOTIFICATION_TYPE_WARNING, array(
               'contents' => __('user.apiKey.secretRequired'),
         ));
      } elseif ($user->getData('apiKey')) {
         $templateMgr = TemplateManager::getManager($request);
         $templateMgr->assign(array(
            'apiKey' => JWT::encode($user->getData('apiKey'), $secret, 'HS256'),
         ));
      }
      return parent::fetch($request, $template, $display);
   }
 
   function execute(...$functionArgs) {
      $request = Application::get()->getRequest();
      $user = $request->getUser();
 
      $apiKeyEnabled = (bool) $this->getData('apiKeyEnabled');
      $user->setData('apiKeyEnabled', $apiKeyEnabled);
 
      // remove api key if exists
      if (!$apiKeyEnabled) {
         $user->setData('apiKeyEnabled', null);
      }
 
      // generate api key
      if ($apiKeyEnabled && !is_null($this->getData('generateApiKey'))) {
         $secret = Config::getVar('security', 'api_key_secret', '');
         if ($secret) {
            $user->setData('apiKey', sha1(time()));
         }
      }
 
      parent::execute(...$functionArgs);
   }
}