Bug 1046126: Do not generate a new API token every time you access a bug-related page

r=sgreen,a=glob git-svn-id: svn://10.0.0.236/trunk@265560 18797224-902f-48f8-a5cc-f745e15eee43
2014-09-08 14:00:48 +00:00 · 2014-09-08 14:00:48 +00:00 · 82677cb98e
commit 82677cb98e
parent 0ded788642
3 changed files with 12 additions and 5 deletions
--- a/mozilla/webtools/bugzilla/.bzrrev
+++ b/mozilla/webtools/bugzilla/.bzrrev
@ -1 +1 @@
-9125
+9126
--- a/mozilla/webtools/bugzilla/.gitrev
+++ b/mozilla/webtools/bugzilla/.gitrev
@ -1 +1 @@
-fc4350ac3ae2a63ca423eef7c1406cd4c299d80e
+e181022c27b291b845f029f0e8f25748cad8495f
--- a/mozilla/webtools/bugzilla/Bugzilla/Token.pm
+++ b/mozilla/webtools/bugzilla/Bugzilla/Token.pm
@ -34,9 +34,16 @@ use parent qw(Exporter);

 # Create a token used for internal API authentication
 sub issue_api_token {
-    # Generates a random token, adds it to the tokens table, and returns
-    # the token to the caller.
-    return _create_token(Bugzilla->user->id, 'api_token', '');
+    # Generates a random token, adds it to the tokens table if one does not
+    # already exist, and returns the token to the caller.
+    my $dbh  = Bugzilla->dbh;
+    my $user = Bugzilla->user;
+    my ($token) = $dbh->selectrow_array("
+        SELECT token FROM tokens
+         WHERE userid = ? AND tokentype = 'api_token'
+               AND (" . $dbh->sql_date_math('issuedate', '+', (MAX_TOKEN_AGE * 24 - 12), 'HOUR') . ") > NOW()",
+        undef, $user->id);
+    return $token // _create_token($user->id, 'api_token', '');
 }

 # Creates and sends a token to create a new user account.