wip: PAT by team

app/Http/Livewire/Dashboard.php

@@ -17,6 +17,10 @@ class Dashboard extends Component
         $this->servers = Server::ownedByCurrentTeam()->get();
         $this->projects = Project::ownedByCurrentTeam()->get();
     }
+    // public function createToken() {
+    //     $token = auth()->user()->createToken('test');
+    //     ray($token);
+    // }
     // public function getIptables()
     // {
     //     $servers = Server::ownedByCurrentTeam()->get();

app/Models/PersonalAccessToken.php

@@ -0,0 +1,15 @@
+<?php
+namespace App\Models;
+
+use Laravel\Sanctum\PersonalAccessToken as SanctumPersonalAccessToken;
+
+class PersonalAccessToken extends SanctumPersonalAccessToken
+{
+    protected $fillable = [
+        'name',
+        'token',
+        'abilities',
+        'expires_at',
+        'team_id',
+    ];
+}

app/Models/User.php

@@ -4,6 +4,7 @@ namespace App\Models;
 
 use App\Notifications\Channels\SendsEmail;
 use App\Notifications\TransactionalEmails\ResetPassword as TransactionalEmailsResetPassword;
+use DateTimeInterface;
 use Illuminate\Database\Eloquent\Factories\HasFactory;
 use Illuminate\Foundation\Auth\User as Authenticatable;
 use Illuminate\Notifications\Messages\MailMessage;
@@ -14,6 +15,8 @@ use Illuminate\Support\Facades\Config;
 use Illuminate\Support\Facades\URL;
 use Laravel\Fortify\TwoFactorAuthenticatable;
 use Laravel\Sanctum\HasApiTokens;
+use Laravel\Sanctum\NewAccessToken;
+use Illuminate\Support\Str;
 
 class User extends Authenticatable implements SendsEmail
 {
@@ -47,7 +50,26 @@ class User extends Authenticatable implements SendsEmail
             $user->teams()->attach($new_team, ['role' => 'owner']);
         });
     }
+    public function createToken(string $name, array $abilities = ['*'], DateTimeInterface $expiresAt = null)
+    {
+        ray('asd');
+        $plainTextToken = sprintf(
+            '%s%s%s',
+            config('sanctum.token_prefix', ''),
+            $tokenEntropy = Str::random(40),
+            hash('crc32b', $tokenEntropy)
+        );
 
+        $token = $this->tokens()->create([
+            'name' => $name,
+            'token' => hash('sha256', $plainTextToken),
+            'abilities' => $abilities,
+            'expires_at' => $expiresAt,
+            'team_id' => session('currentTeam')->id
+        ]);
+
+        return new NewAccessToken($token, $token->getKey().'|'.$plainTextToken);
+    }
     public function teams()
     {
         return $this->belongsToMany(Team::class)->withPivot('role');

app/Providers/AppServiceProvider.php

@@ -4,6 +4,8 @@ namespace App\Providers;
 
 use Illuminate\Support\Facades\Http;
 use Illuminate\Support\ServiceProvider;
+use Laravel\Sanctum\Sanctum;
+use App\Models\PersonalAccessToken;
 
 class AppServiceProvider extends ServiceProvider
 {
@@ -13,6 +15,8 @@ class AppServiceProvider extends ServiceProvider
 
     public function boot(): void
     {
+        Sanctum::usePersonalAccessTokenModel(PersonalAccessToken::class);
+
         Http::macro('github', function (string $api_url, string|null $github_access_token = null) {
             if ($github_access_token) {
                 return Http::withHeaders([

resources/views/livewire/dashboard.blade.php

@@ -62,7 +62,7 @@
     @endforeach
 </div>
 @if ($projects->count() > 0)
-    <h3 class="pb-4">Servers</h3>
+    <h3 class="py-4">Servers</h3>
 @endif
 @if ($servers->count() === 1)
     <div class="grid grid-cols-1 gap-2">
@@ -97,7 +97,9 @@
     </a>
 @endforeach
 </div>
-
+    {{-- <h3 class="py-4">Tokens</h3>
+    {{auth()->user()->tokens}}
+    <x-forms.button wire:click='createToken'>Create Token</x-forms.button> --}}
 <script>
     function gotoProject(uuid, environment = 'production') {
         window.location.href = '/project/' + uuid + '/' + environment;