X-Git-Url: http://source.bookstackapp.com/bookstack/blobdiff_plain/692fc46c7dfab76f4e9e28a9f1b4c419f60b5ded..refs/pull/1998/head:/app/Http/Controllers/UserApiTokenController.php

diff --git a/app/Http/Controllers/UserApiTokenController.php b/app/Http/Controllers/UserApiTokenController.php
index c18d52901..55675233c 100644
--- a/app/Http/Controllers/UserApiTokenController.php
+++ b/app/Http/Controllers/UserApiTokenController.php
@@ -40,14 +40,13 @@ class UserApiTokenController extends Controller
 
         $user = User::query()->findOrFail($userId);
         $secret = Str::random(32);
-        $expiry = $request->get('expires_at', (Carbon::now()->addYears(100))->format('Y-m-d'));
 
         $token = (new ApiToken())->forceFill([
             'name' => $request->get('name'),
             'token_id' => Str::random(32),
             'secret' => Hash::make($secret),
             'user_id' => $user->id,
-            'expires_at' => $expiry
+            'expires_at' => $request->get('expires_at') ?: ApiToken::defaultExpiry(),
         ]);
 
         while (ApiToken::query()->where('token_id', '=', $token->token_id)->exists()) {
@@ -55,7 +54,6 @@ class UserApiTokenController extends Controller
         }
 
         $token->save();
-        $token->refresh();
 
         session()->flash('api-token-secret:' . $token->id, $secret);
         $this->showSuccessNotification(trans('settings.user_api_token_create_success'));
@@ -89,8 +87,11 @@ class UserApiTokenController extends Controller
         ]);
 
         [$user, $token] = $this->checkPermissionAndFetchUserToken($userId, $tokenId);
+        $token->fill([
+            'name' => $request->get('name'),
+            'expires_at' => $request->get('expires_at') ?: ApiToken::defaultExpiry(),
+        ])->save();
 
-        $token->fill($request->all())->save();
         $this->showSuccessNotification(trans('settings.user_api_token_update_success'));
         return redirect($user->getEditUrl('/api-tokens/' . $token->id));
     }