mirror of
https://github.com/discourse/discourse.git
synced 2024-12-20 00:33:54 +08:00
4c9ca24ccf
API keys are now only visible when first created. After that, only the first four characters are stored in the database for identification, along with an sha256 hash of the full key. This makes key usage easier to audit, and ensures attackers would not have access to the live site in the event of a database leak. This makes the merge lower risk, because we have some time to revert if needed. Once the change is confirmed to be working, we will add a second commit to drop the `key` column.
80 lines
2.5 KiB
Handlebars
80 lines
2.5 KiB
Handlebars
{{#link-to 'adminApiKeys.index' class="go-back"}}
|
|
{{d-icon 'arrow-left'}}
|
|
{{i18n 'admin.api.all_api_keys'}}
|
|
{{/link-to}}
|
|
|
|
<div class="api-key">
|
|
{{#admin-form-row label="admin.api.key"}}
|
|
{{#if model.revoked_at}}{{d-icon 'times-circle'}}{{/if}}
|
|
{{model.truncatedKey}}
|
|
{{/admin-form-row}}
|
|
|
|
{{#admin-form-row label="admin.api.description"}}
|
|
{{#if editingDescription}}
|
|
{{input value=buffered.description maxlength="255" placeholder=(i18n "admin.api.description_placeholder")}}
|
|
{{else}}
|
|
<span {{action "editDescription"}}>{{if model.description model.description (i18n "admin.api.no_description")}}</span>
|
|
{{/if}}
|
|
|
|
<div class='controls'>
|
|
{{#if editingDescription}}
|
|
{{d-button class="ok" action=(action "saveDescription") icon="check"}}
|
|
{{d-button class="cancel" action=(action "editDescription") icon="times"}}
|
|
{{else}}
|
|
{{d-button class="btn-default" action=(action "editDescription") icon="pencil-alt"}}
|
|
{{/if}}
|
|
</div>
|
|
{{/admin-form-row}}
|
|
|
|
{{#admin-form-row label="admin.api.user"}}
|
|
{{#if model.user}}
|
|
{{#link-to "adminUser" model.user}}
|
|
{{avatar model.user imageSize="small"}} {{model.user.username}}
|
|
{{/link-to}}
|
|
{{else}}
|
|
{{i18n "admin.api.all_users"}}
|
|
{{/if}}
|
|
{{/admin-form-row}}
|
|
|
|
{{#admin-form-row label="admin.api.created"}}
|
|
{{format-date model.created_at leaveAgo="true"}}
|
|
{{/admin-form-row}}
|
|
|
|
{{#admin-form-row label="admin.api.updated"}}
|
|
{{format-date model.updated_at leaveAgo="true"}}
|
|
{{/admin-form-row}}
|
|
|
|
{{#admin-form-row label="admin.api.last_used"}}
|
|
{{#if model.last_used_at}}
|
|
{{format-date model.last_used_at leaveAgo="true"}}
|
|
{{else}}
|
|
{{i18n "admin.api.never_used"}}
|
|
{{/if}}
|
|
{{/admin-form-row}}
|
|
|
|
{{#admin-form-row label="admin.api.revoked"}}
|
|
{{#if model.revoked_at}}
|
|
{{format-date model.revoked_at leaveAgo="true"}}
|
|
{{/if}}
|
|
<div class='controls'>
|
|
{{#if model.revoked_at}}
|
|
{{d-button
|
|
action=(action "undoRevokeKey")
|
|
actionParam=model icon="undo"
|
|
label="admin.api.undo_revoke"}}
|
|
{{d-button
|
|
action=(action "deleteKey")
|
|
actionParam=model icon="trash"
|
|
label="admin.api.delete"
|
|
class="btn-danger"}}
|
|
{{else}}
|
|
{{d-button
|
|
class="btn-danger"
|
|
action=(action "revokeKey")
|
|
actionParam=model
|
|
icon="times"
|
|
label="admin.api.revoke"}}
|
|
{{/if}}
|
|
</div>
|
|
{{/admin-form-row}}
|
|
</div> |