feat: api tokens + deploy webhook

app/Actions/Database/StartMongodb.php

@@ -2,7 +2,6 @@
 
 namespace App\Actions\Database;
 
-use App\Models\Server;
 use App\Models\StandaloneMongodb;
 use Illuminate\Support\Str;
 use Symfony\Component\Yaml\Yaml;
@@ -16,7 +15,7 @@ class StartMongodb
     public array $commands = [];
     public string $configuration_dir;
 
-    public function handle(Server $server, StandaloneMongodb $database)
+    public function handle(StandaloneMongodb $database)
     {
         $this->database = $database;
 
@@ -102,7 +101,7 @@ public function handle(Server $server, StandaloneMongodb $database)
         $this->commands[] = "echo '{$readme}' > $this->configuration_dir/README.md";
         $this->commands[] = "docker compose -f $this->configuration_dir/docker-compose.yml up -d";
         $this->commands[] = "echo '####### {$database->name} started.'";
-        return remote_process($this->commands, $server);
+        return remote_process($this->commands, $database->destination->server);
     }
 
     private function generate_local_persistent_volumes()
@@ -160,6 +159,5 @@ private function add_custom_mongo_conf()
         $content = $this->database->mongo_conf;
         $content_base64 = base64_encode($content);
         $this->commands[] = "echo '{$content_base64}' | base64 -d > $this->configuration_dir/{$filename}";
-
     }
 }

app/Actions/Database/StartPostgresql.php

@@ -2,7 +2,6 @@
 
 namespace App\Actions\Database;
 
-use App\Models\Server;
 use App\Models\StandalonePostgresql;
 use Illuminate\Support\Str;
 use Symfony\Component\Yaml\Yaml;
@@ -17,7 +16,7 @@ class StartPostgresql
     public array $init_scripts = [];
     public string $configuration_dir;
 
-    public function handle(Server $server, StandalonePostgresql $database)
+    public function handle(StandalonePostgresql $database)
     {
         $this->database = $database;
         $container_name = $this->database->uuid;
@@ -104,7 +103,7 @@ public function handle(Server $server, StandalonePostgresql $database)
         $this->commands[] = "echo '{$readme}' > $this->configuration_dir/README.md";
         $this->commands[] = "docker compose -f $this->configuration_dir/docker-compose.yml up -d";
         $this->commands[] = "echo '####### {$database->name} started.'";
-        return remote_process($this->commands, $server);
+        return remote_process($this->commands, $database->destination->server);
     }
 
     private function generate_local_persistent_volumes()

app/Actions/Database/StartRedis.php

@@ -2,7 +2,6 @@
 
 namespace App\Actions\Database;
 
-use App\Models\Server;
 use App\Models\StandaloneRedis;
 use Illuminate\Support\Str;
 use Symfony\Component\Yaml\Yaml;
@@ -17,7 +16,7 @@ class StartRedis
     public string $configuration_dir;
 
 
-    public function handle(Server $server, StandaloneRedis $database)
+    public function handle(StandaloneRedis $database)
     {
         $this->database = $database;
 
@@ -104,7 +103,7 @@ public function handle(Server $server, StandaloneRedis $database)
         $this->commands[] = "echo '{$readme}' > $this->configuration_dir/README.md";
         $this->commands[] = "docker compose -f $this->configuration_dir/docker-compose.yml up -d";
         $this->commands[] = "echo '####### {$database->name} started.'";
-        return remote_process($this->commands, $server);
+        return remote_process($this->commands, $database->destination->server);
     }
 
     private function generate_local_persistent_volumes()

app/Http/Livewire/Dashboard.php

@@ -17,10 +17,6 @@ public function mount()
         $this->servers = Server::ownedByCurrentTeam()->get();
         $this->projects = Project::ownedByCurrentTeam()->get();
     }
-    // public function createToken() {
-    //     $token = auth()->user()->createToken('test');
-    //     ray($token);
-    // }
     // public function getIptables()
     // {
     //     $servers = Server::ownedByCurrentTeam()->get();

app/Http/Livewire/Project/Database/Heading.php

@@ -47,15 +47,15 @@ public function stop()
     public function start()
     {
         if ($this->database->type() === 'standalone-postgresql') {
-            $activity = StartPostgresql::run($this->database->destination->server, $this->database);
+            $activity = StartPostgresql::run($this->database);
             $this->emit('newMonitorActivity', $activity->id);
         }
         if ($this->database->type() === 'standalone-redis') {
-            $activity = StartRedis::run($this->database->destination->server, $this->database);
+            $activity = StartRedis::run($this->database);
             $this->emit('newMonitorActivity', $activity->id);
         }
         if ($this->database->type() === 'standalone-mongodb') {
-            $activity = StartMongodb::run($this->database->destination->server, $this->database);
+            $activity = StartMongodb::run($this->database);
             $this->emit('newMonitorActivity', $activity->id);
         }
     }

app/Http/Livewire/Security/ApiTokens.php

@@ -0,0 +1,38 @@
+<?php
+
+namespace App\Http\Livewire\Security;
+
+use Livewire\Component;
+
+class ApiTokens extends Component
+{
+    public ?string $description = null;
+    public $tokens = [];
+    public function render()
+    {
+        return view('livewire.security.api-tokens');
+    }
+    public function mount()
+    {
+        $this->tokens = auth()->user()->tokens;
+    }
+    public function addNewToken()
+    {
+        try {
+            $this->validate([
+                'description' => 'required|min:3|max:255',
+            ]);
+            $token = auth()->user()->createToken($this->description);
+            $this->tokens = auth()->user()->tokens;
+            session()->flash('token', $token->plainTextToken);
+        } catch (\Exception $e) {
+            return handleError($e, $this);
+        }
+    }
+    public function revoke(int $id)
+    {
+        $token = auth()->user()->tokens()->where('id', $id)->first();
+        $token->delete();
+        $this->tokens = auth()->user()->tokens;
+    }
+}

app/Providers/RouteServiceProvider.php

@@ -46,9 +46,9 @@ protected function configureRateLimiting(): void
     {
         RateLimiter::for('api', function (Request $request) {
             if ($request->path() === 'api/health') {
-                return Limit::perMinute(5000)->by($request->user()?->id ?: $request->ip());
+                return Limit::perMinute(1000)->by($request->user()?->id ?: $request->ip());
             }
-            return Limit::perMinute(60)->by($request->user()?->id ?: $request->ip());
+            return Limit::perMinute(30)->by($request->user()?->id ?: $request->ip());
         });
         RateLimiter::for('5', function (Request $request) {
             return Limit::perMinute(5)->by($request->user()?->id ?: $request->ip());

bootstrap/helpers/shared.php

@@ -1,7 +1,12 @@
 <?php
 
+use App\Models\Application;
 use App\Models\InstanceSettings;
 use App\Models\Server;
+use App\Models\Service;
+use App\Models\StandaloneMongodb;
+use App\Models\StandalonePostgresql;
+use App\Models\StandaloneRedis;
 use App\Models\Team;
 use App\Models\User;
 use App\Notifications\Channels\DiscordChannel;
@@ -453,3 +458,31 @@ function getServiceTemplates()
     }
     return $services;
 }
+
+function getResourceByUuid(string $uuid, ?int $teamId = null)
+{
+    $resource = queryResourcesByUuid($uuid);
+    if (!is_null($teamId)) {
+        if ($resource->environment->project->team_id === $teamId) {
+            return $resource;
+        }
+        return null;
+    } else {
+        return $resource;
+    }
+}
+function queryResourcesByUuid(string $uuid)
+{
+    $resource = null;
+    $application = Application::whereUuid($uuid)->first();
+    if ($application) return $application;
+    $service = Service::whereUuid($uuid)->first();
+    if ($service) return $service;
+    $postgresql = StandalonePostgresql::whereUuid($uuid)->first();
+    if ($postgresql) return $postgresql;
+    $redis = StandaloneRedis::whereUuid($uuid)->first();
+    if ($redis) return $redis;
+    $mongodb = StandaloneMongodb::whereUuid($uuid)->first();
+    if ($mongodb) return $mongodb;
+    return $resource;
+}

resources/views/components/security/navbar.blade.php

@@ -10,8 +10,15 @@
         </ol>
     </nav>
     <nav class="navbar-main">
-        <a class="{{ request()->routeIs('security.private-key.index') ? 'text-white' : '' }}" href="{{ route('security.private-key.index') }}">
+        <a href="{{ route('security.private-key.index') }}">
             <button>Private Keys</button>
         </a>
+        <a href="{{ route('security.api-tokens') }}">
+            <button>API tokens</button>
+        </a>
+        <div class="flex-1"></div>
+        <div class="-mt-9">
+            <livewire:switch-team />
+        </div>
     </nav>
 </div>

resources/views/livewire/dashboard.blade.php

@@ -100,9 +100,6 @@
     </a>
 @endforeach
 </div>
-{{-- <h3 class="py-4">Tokens</h3>
-    {{auth()->user()->tokens}}
-    <x-forms.button wire:click='createToken'>Create Token</x-forms.button> --}}
 <script>
     function gotoProject(uuid, environment = 'production') {
         window.location.href = '/project/' + uuid + '/' + environment;

resources/views/livewire/security/api-tokens.blade.php

@@ -0,0 +1,36 @@
+<div>
+    <x-security.navbar />
+    <div class="flex gap-2">
+        <h2 class="pb-4">API Tokens</h2>
+        <x-helper
+            helper="Tokens are created with the current team as scope. You will only have access to this team's resources." />
+    </div>
+    <h4>Create New Token</h4>
+    <span>Currently active team: <span class="text-warning">{{ session('currentTeam.name') }}</span></span>
+    <form class="flex items-end gap-2 pt-4" wire:submit.prevent='addNewToken'>
+        <x-forms.input required id="description" label="Description" />
+        <x-forms.button type="submit">Create New Token</x-forms.button>
+    </form>
+    @if (session()->has('token'))
+        <div class="pb-4 font-bold text-warning">Please copy this token now. For your security, it won't be shown again.
+        </div>
+        <div class="pb-4 font-bold text-white"> {{ session('token') }}</div>
+    @endif
+    <h4 class="py-4">Issued Tokens</h4>
+    <div class="grid gap-2 lg:grid-cols-1">
+        @forelse ($tokens as $token)
+            <div class="flex items-center gap-2">
+                <div
+                    class="flex items-center gap-2 group-hover:text-white p-2 border border-coolgray-200 hover:text-white hover:no-underline min-w-[24rem] cursor-default">
+                    <div>{{ $token->name }}</div>
+                </div>
+                <x-forms.button wire:click="revoke('{{ $token->id }}')">Revoke</x-forms.button>
+            </div>
+        @empty
+            <div>
+                <div>No API tokens found.</div>
+            </div>
+        @endforelse
+    </div>
+
+</div>

routes/api.php

@@ -1,7 +1,15 @@
 <?php
 
+use App\Actions\Database\StartPostgresql;
+use App\Models\Application;
+use App\Models\Service;
+use App\Models\StandaloneMongodb;
+use App\Models\StandalonePostgresql;
+use App\Models\StandaloneRedis;
 use App\Models\User;
+use Illuminate\Http\Request;
 use Illuminate\Support\Facades\Route;
+use Visus\Cuid2\Cuid2;
 
 /*
 |--------------------------------------------------------------------------
@@ -17,9 +25,46 @@
 Route::get('/health', function () {
     return 'OK';
 });
+Route::group([
+    'middleware' => ['auth:sanctum'],
+    'prefix' => 'v1'
+], function () {
+    Route::get('/deploy', function (Request $request) {
+        $token = auth()->user()->currentAccessToken();
+        $teamId = data_get($token, 'team_id');
+        $uuid = $request->query->get('uuid');
+        $force = $request->query->get('force') ?? false;
+
+        if (is_null($teamId)) {
+            return response()->json(['error' => 'Invalid token.'], 400);
+        }
+        if (!$uuid) {
+            return response()->json(['error' => 'No UUID provided.'], 400);
+        }
+        $resource = getResourceByUuid($uuid, $teamId);
+        if ($resource) {
+            $type = $resource->getMorphClass();
+            if ($type === 'App\Models\Application') {
+                queue_application_deployment(
+                    application_id: $resource->id,
+                    deployment_uuid: new Cuid2(7),
+                    force_rebuild: $force,
+                );
+                return response()->json(['message' => 'Deployment queued.'], 200);
+            } else if ($type === 'App\Models\StandalonePostgresql') {
+                StartPostgresql::run($resource);
+                $resource->update([
+                    'started_at' => now(),
+                ]);
+                return response()->json(['message' => 'Database started.'], 200);
+            }
+        }
+        return response()->json(['error' => 'No resource found.'], 404);
+    });
+});
 
 Route::middleware(['throttle:5'])->group(function () {
-    Route::get('/unsubscribe/{token}', function() {
+    Route::get('/unsubscribe/{token}', function () {
         try {
             $token = request()->token;
             $email = decrypt($token);
@@ -34,6 +79,5 @@
         } catch (\Throwable $e) {
             return 'Something went wrong. Please try again or contact support.';
         }
-
     })->name('unsubscribe.marketing.emails');
 });

routes/web.php

@@ -12,6 +12,7 @@
 use App\Http\Livewire\Dashboard;
 use App\Http\Livewire\Project\CloneProject;
 use App\Http\Livewire\Project\Shared\Logs;
+use App\Http\Livewire\Security\ApiTokens;
 use App\Http\Livewire\Server\All;
 use App\Http\Livewire\Server\Create;
 use App\Http\Livewire\Server\Destination\Show as DestinationShow;
@@ -164,6 +165,8 @@
     Route::get('/security/private-key/{private_key_uuid}', fn () => view('security.private-key.show', [
         'private_key' => PrivateKey::ownedByCurrentTeam(['name', 'description', 'private_key', 'is_git_related'])->whereUuid(request()->private_key_uuid)->firstOrFail()
     ]))->name('security.private-key.show');
+    Route::get('/security/api-tokens', ApiTokens::class)->name('security.api-tokens');
+
 });