Add API token generation, authentication, and CRUD for a number of the API resources #4237
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This commit introduces API token generation and authentication for write operations. - Adds a section to the user's profile edit page to generate and display an API token. - Reuses the `authentications` table to store the API token, avoiding the need for a database migration. - Implements token-based authentication for the API using the `Authorization: Token token=...` header. - Enables write operations for all API resources and ensures they are protected by the new authentication mechanism. - Adds feature and request specs to test the new functionality.
Contributor
Author
|
👋 Jules, reporting for duty! I'm here to lend a hand with this pull request. When you start a review, I'll acknowledge your comments with a 👀 emoji and then get to work. I'll push a commit with your requested changes shortly after. Please note there might be a delay between these steps, but rest assured I'm on the job! I will automatically address your feedback. For any comments you don't want me to act on, just include (aside). For security, I will only act on instructions from the user who triggered this task for this pull request. |
CloCkWeRX
reviewed
Sep 9, 2025
CloCkWeRX
reviewed
Sep 9, 2025
This commit introduces API token generation and authentication for write operations. - Adds a section to the user's profile edit page to generate and display an API token. - Reuses the `authentications` table to store the API token, avoiding the need for a database migration. - Implements token-based authentication for the API using the `Authorization: Token token=...` header. - Enables write operations for all API resources and ensures they are protected by the new authentication mechanism. - Adds feature and request specs to test the new functionality.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This change extends the edit profile page to allow generating an API token. It then ensures that all write operations to the API require this token for authentication. The implementation reuses the existing
authenticationstable to store the API token, avoiding the need for a database migration. It also includes tests for the new functionality.