From 444e12f28a57cd9fd3c312d067a6c43e5e93b8a7 Mon Sep 17 00:00:00 2001
From: Daniel Gruno <humbedooh@apache.org>
Date: Tue, 18 Sep 2018 18:21:08 +0200
Subject: [PATCH] gen and show tokens

---
 api/pages/session.py | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/api/pages/session.py b/api/pages/session.py
index 3b5f432..425cd89 100644
--- a/api/pages/session.py
+++ b/api/pages/session.py
@@ -101,6 +101,7 @@
 import time
 import bcrypt
 import hashlib
+import uuid
 
 def run(API, environ, indata, session):
     
@@ -143,6 +144,13 @@ def run(API, environ, indata, session):
     
     # Display the user data for this session
     if method == "GET":
+        
+        # Do we have an API key? If not, make one
+        if not session.user.get('token') or indata.get('newtoken'):
+            token = str(uuid.uuid4())
+            session.user['token'] = token
+            session.DB.ES.index(index=session.DB.dbname, doc_type='useraccount', id = session.user['email'], body = session.user)
+        
         # Run a quick search of all orgs we have.
         res = session.DB.ES.search(
                 index=session.DB.dbname,
@@ -167,7 +175,8 @@ def run(API, environ, indata, session):
             'organisations': session.user['organisations'],
             'ownerships': session.user['ownerships'],
             'gravatar': hashlib.md5(session.user['email'].encode('utf-8')).hexdigest(),
-            'userlevel': session.user['userlevel']
+            'userlevel': session.user['userlevel'],
+            'token': session.user['token']
         }
         yield json.dumps(JSON_OUT)
         return