How to update user token from API?

yoshapihoff · February 24, 2021, 1:39pm

Hello. I tried to find information on this issue among the topics of this forum, but did not find anything.

raffaelj · March 23, 2021, 6:06pm

I wasn’t aware of that route, too, but after a quick look at RestApi.php I saw, that it is already implemented.

Just call https://cockpit-url.com/api/cockpit/refreshUserApiKey?token=current-user-token to refresh the user token.

But it looks like you could lock yourself out if you call that route with your own api key, because you can’t authenticate again - without a valid api token to get your new one

github.com

agentejo/cockpit/blob/next/modules/Cockpit/Controller/RestApi.php#L45-L63


public function refreshUserApiKey() {

    $apiKey = $this->param('apiKey');

    if (!$apiKey) {
        return $this->stop(['error' => 'apiKey parameter is missing'], 412);
    }

    $user = $this->app->storage->findOne('cockpit/accounts', ['api_key' => $apiKey]);

    if (!$user) {
        return $this->stop(['error' => 'User not found'], 404);
    }

    $user['api_key'] = 'account-'.\uniqid(\bin2hex(\random_bytes(16)));
    $this->app->storage->save('cockpit/accounts', $user);

    return ['success' => true];
}

If you have permission to update accounts, you can also use the /api/cockpit/saveUser route with a locally updated api key.

Or look at the code of both methods and write your own api endpoint to fit your needs.

Topic		Replies	Views
Post api registration user Support	1	791	June 17, 2019
Authenticate API with Username and Password Cockpit v2	8	1154	December 18, 2023
Create user via rest api Support	4	557	September 6, 2023
How to login and get the API token with username and password? Cockpit v2	8	1347	November 24, 2023
How long does a user api key last. What is the validity period? Support	1	391	March 23, 2021

How to update user token from API?

Related Topics