Commit Graph

8 Commits

Author SHA1 Message Date
Joffrey JAFFEUX
c4644c61d9
DEV: enforces double quotes ember-template-lint (#9416) 2020-04-14 08:18:49 +02:00
Joffrey JAFFEUX
b66b277dc4
DEV: enforces block-indentation of ember-template-lint rules (#9408) 2020-04-13 17:17:20 +02:00
Joffrey JAFFEUX
902d0e1e3a
DEV: enforces no-invalid-interactive linting rule (#8907) 2020-02-11 15:55:16 +01:00
Penar Musaraj
f755810906 DEV: replace "trash" icons with "trash-alt" 2020-01-06 12:35:00 -05:00
David Taylor
4c9ca24ccf
FEATURE: Hash API keys in the database (#8438)
API keys are now only visible when first created. After that, only the first four characters are stored in the database for identification, along with an sha256 hash of the full key. This makes key usage easier to audit, and ensures attackers would not have access to the live site in the event of a database leak.

This makes the merge lower risk, because we have some time to revert if needed. Once the change is confirmed to be working, we will add a second commit to drop the `key` column.
2019-12-12 11:45:00 +00:00
David Taylor
cf4356cd81 UX: Do not add leading/trailing spaces when copying API key in Firefox
If there is any other whitespace in the container, then Firefox will add a leading/trailing space when double clicking the key. This commit wraps the key in a div with no whitespace, to work around the problem.
2019-11-12 16:00:57 +00:00
David Taylor
99b0697bd9 FIX: Correct display of last used date in API key details UI 2019-11-07 23:41:43 +00:00
David Taylor
52c5cf33f8
FEATURE: Overhaul of admin API key system (#8284)
- Allow revoking keys without deleting them
- Auto-revoke keys after a period of no use (default 6 months)
- Allow multiple keys per user
- Allow attaching a description to each key, for easier auditing
- Log changes to keys in the staff action log
- Move all key management to one place, and improve the UI
2019-11-05 14:10:23 +00:00