From bdf893e87b3fa6b34b08c78b060553e3e88f2c82 Mon Sep 17 00:00:00 2001
From: Camil Staps
Date: Sun, 10 May 2015 19:11:07 +0300
Subject: Cleanup; show user_token-token field on store request (POST)

---
 src/controllers/UserTokenController.php | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

(limited to 'src/controllers')

diff --git a/src/controllers/UserTokenController.php b/src/controllers/UserTokenController.php
index d894b52..2c2fe1e 100644
--- a/src/controllers/UserTokenController.php
+++ b/src/controllers/UserTokenController.php
@@ -12,19 +12,35 @@ class UserTokenController extends BaseController {
         $this->userToken = $userToken;
     }
 
+    /**
+     * Only the tokens of the authenticated user are shown
+     */
     public function index() {
         return $this->userToken->where('userId', '=', Auth::user()->id)->get();
     }
     
+    /**
+     * Only the tokens of the authenticated user are available
+     */
     public function show($id) {
         return $this->userToken->where('userId', '=', Auth::user()->id)->findOrFail($id);
     }
 
+    /**
+     * Set the userId and create a random token
+     */
     public function store() {
         $this->userToken->userId = Auth::user()->id;
         $this->userToken->token = sha1(mt_rand());
 
         if ($this->userToken->save()) {
+            // Remove the token field from the hidden fields
+            $hidden = $this->userToken->getHidden();
+            foreach ($hidden as $k => $v)
+                if ($v == 'token')
+                    unset($hidden[$k]);
+            $this->userToken->setHidden($hidden);
+
             return $this->userToken;
         } else {
             throw new Dingo\Api\Exception\StoreResourceFailedException;
-- 
cgit v1.2.3