115 lines
3.9 KiB
PHP
115 lines
3.9 KiB
PHP
<?php
|
|
|
|
namespace Database\Seeders;
|
|
|
|
use App\Models\PersonalAccessToken;
|
|
use App\Models\Team;
|
|
use App\Models\User;
|
|
use Illuminate\Database\Seeder;
|
|
use Illuminate\Support\Facades\Hash;
|
|
|
|
class PersonalAccessTokenSeeder extends Seeder
|
|
{
|
|
/**
|
|
* Run the database seeds.
|
|
*/
|
|
public function run(): void
|
|
{
|
|
// Only run in development environment
|
|
if (app()->environment('production')) {
|
|
$this->command->warn('Skipping PersonalAccessTokenSeeder in production environment');
|
|
|
|
return;
|
|
}
|
|
|
|
// Get the first user (usually the admin user created during setup)
|
|
$user = User::find(0);
|
|
|
|
if (! $user) {
|
|
$this->command->warn('No user found. Please run UserSeeder first.');
|
|
|
|
return;
|
|
}
|
|
|
|
// Get the user's first team
|
|
$team = $user->teams()->first();
|
|
|
|
if (! $team) {
|
|
$this->command->warn('No team found for user. Cannot create API tokens.');
|
|
|
|
return;
|
|
}
|
|
|
|
// Define test tokens with different scopes
|
|
$testTokens = [
|
|
[
|
|
'name' => 'Development Root Token',
|
|
'token' => 'root',
|
|
'abilities' => ['root'],
|
|
],
|
|
[
|
|
'name' => 'Development Read Token',
|
|
'token' => 'read',
|
|
'abilities' => ['read'],
|
|
],
|
|
[
|
|
'name' => 'Development Read Sensitive Token',
|
|
'token' => 'read-sensitive',
|
|
'abilities' => ['read', 'read:sensitive'],
|
|
],
|
|
[
|
|
'name' => 'Development Write Token',
|
|
'token' => 'write',
|
|
'abilities' => ['write'],
|
|
],
|
|
[
|
|
'name' => 'Development Write Sensitive Token',
|
|
'token' => 'write-sensitive',
|
|
'abilities' => ['write', 'write:sensitive'],
|
|
],
|
|
[
|
|
'name' => 'Development Deploy Token',
|
|
'token' => 'deploy',
|
|
'abilities' => ['deploy'],
|
|
],
|
|
];
|
|
|
|
// First, remove all existing development tokens for this user
|
|
$deletedCount = PersonalAccessToken::where('tokenable_id', $user->id)
|
|
->where('tokenable_type', get_class($user))
|
|
->whereIn('name', array_column($testTokens, 'name'))
|
|
->delete();
|
|
|
|
if ($deletedCount > 0) {
|
|
$this->command->info("Removed {$deletedCount} existing development token(s).");
|
|
}
|
|
|
|
// Now create fresh tokens
|
|
foreach ($testTokens as $tokenData) {
|
|
// Create the token with a simple format: Bearer {scope}
|
|
// The token format in the database is the hash of the plain text token
|
|
$plainTextToken = $tokenData['token'];
|
|
|
|
PersonalAccessToken::create([
|
|
'tokenable_type' => get_class($user),
|
|
'tokenable_id' => $user->id,
|
|
'name' => $tokenData['name'],
|
|
'token' => hash('sha256', $plainTextToken),
|
|
'abilities' => $tokenData['abilities'],
|
|
'team_id' => $team->id,
|
|
]);
|
|
|
|
$this->command->info("Created token '{$tokenData['name']}' with Bearer token: {$plainTextToken}");
|
|
}
|
|
|
|
$this->command->info('');
|
|
$this->command->info('Test API tokens created successfully!');
|
|
$this->command->info('You can use these tokens in development as:');
|
|
$this->command->info(' Bearer root - Root access');
|
|
$this->command->info(' Bearer read - Read only access');
|
|
$this->command->info(' Bearer read-sensitive - Read with sensitive data access');
|
|
$this->command->info(' Bearer write - Write access');
|
|
$this->command->info(' Bearer write-sensitive - Write with sensitive data access');
|
|
$this->command->info(' Bearer deploy - Deploy access');
|
|
}
|
|
}
|