mirror of
https://github.com/Growstuff/growstuff.git
synced 2026-01-23 08:47:53 -05:00
02db5b8130
* feat: Add API token generation and authentication This commit introduces API token generation and authentication for write operations. - Adds a section to the user's profile edit page to generate and display an API token. - Reuses the `authentications` table to store the API token, avoiding the need for a database migration. - Implements token-based authentication for the API using the `Authorization: Token token=...` header. - Enables write operations for all API resources and ensures they are protected by the new authentication mechanism. - Adds feature and request specs to test the new functionality. * feat: Add API token generation and authentication This commit introduces API token generation and authentication for write operations. - Adds a section to the user's profile edit page to generate and display an API token. - Reuses the `authentications` table to store the API token, avoiding the need for a database migration. - Implements token-based authentication for the API using the `Authorization: Token token=...` header. - Enables write operations for all API resources and ensures they are protected by the new authentication mechanism. - Adds feature and request specs to test the new functionality. * Mark as editable * Refactor * WIP - Authentication * Implement more test coverage * Split 401 and 403 * Before Create hooks * Update harvest specs, defaulting to the first plant part - this may not be right * Update coverage * Update coverage * Rubocop * Rubocop * Rubocop * Fix coverage * For now, mark photos immutable again * Fix specs * Fix specs * Rubocop * Fix specs --------- Co-authored-by: google-labs-jules[bot] <161369871+google-labs-jules[bot]@users.noreply.github.com> Co-authored-by: Daniel O'Connor <daniel.oconnor@gmail.com>
31 lines
1.3 KiB
Plaintext
31 lines
1.3 KiB
Plaintext
= form_for(resource, as: resource_name,
|
|
url: registration_path(resource_name) + '#apps',
|
|
html: { method: :put, class: 'form-horizontal' }) do |_f|
|
|
%br/
|
|
= render 'devise/shared/error_messages', resource: resource
|
|
.row
|
|
.col-md-12
|
|
%p
|
|
= image_tag "flickr_32.png", size: "32x32", alt: 'Flickr logo'
|
|
- if @flickr_auth
|
|
You are connected to Flickr as
|
|
= link_to @flickr_auth.name, "https://flickr.com/photos/#{@flickr_auth.uid}"
|
|
= link_to "Disconnect", @flickr_auth,
|
|
confirm: "Are you sure you want to remove this connection?",
|
|
method: :delete, class: "remove btn btn-danger"
|
|
- else
|
|
= link_to 'Connect to Flickr', '/members/auth/flickr', class: 'btn'
|
|
%hr
|
|
.row
|
|
.col-md-12
|
|
%p
|
|
= image_tag "icons/post.svg", size: "32x32", alt: 'API logo'
|
|
- if current_member.api_token?
|
|
Your API token is
|
|
%code= current_member.api_token.token
|
|
= link_to "Regenerate", regenerate_api_token_path,
|
|
data: { confirm: "Are you sure? Your old token will stop working immediately." },
|
|
method: :post, class: "remove btn btn-danger"
|
|
- else
|
|
= link_to 'Generate API Token', regenerate_api_token_path, method: :post, class: 'btn btn-primary'
|