API key management tweaks [SCI-10763]

This commit is contained in:
Martin Artnik 2024-06-03 13:47:00 +02:00
parent 1b730a8977
commit 23d311473e
6 changed files with 29 additions and 5 deletions

View file

@ -210,13 +210,19 @@ class Users::RegistrationsController < Devise::RegistrationsController
def regenerate_api_key
current_user.regenerate_api_key!
redirect_to edit_user_registration_path
redirect_to(edit_user_registration_path(anchor: 'api-key'),
flash: {
success: t('users.registrations.edit.api_key.generated')
})
end
def revoke_api_key
current_user.revoke_api_key!
redirect_to edit_user_registration_path
redirect_to(edit_user_registration_path(anchor: 'api-key'),
flash: {
success: t('users.registrations.edit.api_key.revoked')
})
end
protected

View file

@ -516,6 +516,7 @@ class User < ApplicationRecord
def regenerate_api_key!
update!(
api_key: SecureRandom.urlsafe_base64(33),
api_key_created_at: Time.current,
api_key_expires_at: Constants::API_KEY_EXPIRES_IN.from_now
)
end

View file

@ -1,11 +1,19 @@
<div class="mb-8">
<h3><%= t("users.registrations.edit.api_key.title") %></h3>
<h3 id="api-key"><%= t("users.registrations.edit.api_key.title") %></h3>
<p>
<%= t("users.registrations.edit.api_key.description") %>
</p>
<% if current_user.api_key %>
<div class="api-key-display">
<%= text_field_tag :api_key, current_user.api_key, class: "p-3 mb-2 w-full", disabled: "disabled" %>
<div class="form-group sci-input-container right-icon !w-1/2">
<%= password_field_tag :api_key,
current_user.api_key,
name: 'api_key',
class: 'form-control sci-input-field !text-sn-black !font-mono !cursor-text',
disabled: 'disabled'
%>
<i class="sn-icon sn-icon-visibility-show show-password" style="cursor: pointer; z-index: 10"></i>
</div>
<% if current_user.api_key_expires_at < Time.current %>
<p class="">
<%= t("users.registrations.edit.api_key.expired") %>

View file

@ -13,5 +13,5 @@ Rails.application.configure do
config.x.core_api_v2_enabled = ENV['CORE_API_V2_ENABLED'] || false
config.x.core_api_key_enabled = ENV['CORE_API_KEY_ENABLED'] || false
config.x.core_api_key_enabled = ENV['CORE_API_KEY_ENABLED'] == 'true'
end

View file

@ -2832,6 +2832,8 @@ en:
regenerate: "Regenerate"
revoke: "Revoke"
expired: "This key has expired!"
generated: "API key generated!"
revoked: "API key revoked!"
new:
head_title: "Sign up"
team_name_label: "Team name"

View file

@ -0,0 +1,7 @@
# frozen_string_literal: true
class AddApiKeyCreatedAtToUsers < ActiveRecord::Migration[7.0]
def change
add_column :users, :api_key_created_at, :timestamp
end
end