feat: token permissions

feat: handle sensitive data
feat: handle read-only data

app/Livewire/Security/ApiTokens.php

@@ -10,6 +10,12 @@ class ApiTokens extends Component
 
     public $tokens = [];
 
+    public bool $viewSensitiveData = false;
+
+    public bool $readOnly = true;
+
+    public array $permissions = ['read-only'];
+
     public function render()
     {
         return view('livewire.security.api-tokens');
@@ -17,7 +23,33 @@ class ApiTokens extends Component
 
     public function mount()
     {
-        $this->tokens = auth()->user()->tokens;
+        $this->tokens = auth()->user()->tokens->sortByDesc('created_at');
+    }
+
+    public function updatedViewSensitiveData()
+    {
+        if ($this->viewSensitiveData) {
+            $this->permissions[] = 'view:sensitive';
+            $this->permissions = array_diff($this->permissions, ['*']);
+        } else {
+            $this->permissions = array_diff($this->permissions, ['view:sensitive']);
+        }
+        if (count($this->permissions) == 0) {
+            $this->permissions = ['*'];
+        }
+    }
+
+    public function updatedReadOnly()
+    {
+        if ($this->readOnly) {
+            $this->permissions[] = 'read-only';
+            $this->permissions = array_diff($this->permissions, ['*']);
+        } else {
+            $this->permissions = array_diff($this->permissions, ['read-only']);
+        }
+        if (count($this->permissions) == 0) {
+            $this->permissions = ['*'];
+        }
     }
 
     public function addNewToken()
@@ -26,7 +58,13 @@ class ApiTokens extends Component
             $this->validate([
                 'description' => 'required|min:3|max:255',
             ]);
-            $token = auth()->user()->createToken($this->description);
+            // if ($this->viewSensitiveData) {
+            //     $this->permissions[] = 'view:sensitive';
+            // }
+            // if ($this->readOnly) {
+            //     $this->permissions[] = 'read-only';
+            // }
+            $token = auth()->user()->createToken($this->description, $this->permissions);
             $this->tokens = auth()->user()->tokens;
             session()->flash('token', $token->plainTextToken);
         } catch (\Exception $e) {