Skip to content

Add password confirmation #115

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 4 commits into from
Oct 17, 2024
Merged

Add password confirmation #115

merged 4 commits into from
Oct 17, 2024

Conversation

@julien-nc
Copy link
Member

for sensitive admin settings and fix mistake: saving dummy values in admin settings.

@julien-nc
ask password confirmation for sensitive admin settings
1d51680 
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
@julien-nc
fix: saving dummy values
5ba4ac0 
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
@julien-nc julien-nc requested a review from kyteinsky as a code owner October 16, 2024 10:36
kyteinsky
kyteinsky reviewed Oct 16, 2024
View reviewed changes
lib/Controller/ConfigController.php
if (in_array($key, ['client_id', 'client_secret', 'default_link_token'], true)) {
$this->secretService->setEncryptedAppValue($key, $value);
} else {
$this->config->setAppValue(Application::APP_ID, $key, $value);
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

let's throw a bad request response here

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why? Where?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

in the else block since this function should only serve to sensitive values. It would be cleaner but is fine either way.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It's fine to set any value with this setSensitiveAdminConfig endpoint.
We just want to prevent using wrong keys in the setAdminConfig endpoint.

kyteinsky
kyteinsky reviewed Oct 16, 2024
View reviewed changes
@julien-nc
change default value for sensitive in the frontend
5ed3618 
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
@julien-nc
update npm pkgs
5b1d2c8 
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
@julien-nc julien-nc merged commit ad03a21 into main Oct 17, 2024
45 checks passed
@julien-nc julien-nc deleted the enh/noid/password-confirmation branch October 17, 2024 08:26
@julien-nc julien-nc mentioned this pull request Nov 5, 2024
Merged
@oleksandr-nc oleksandr-nc mentioned this pull request Nov 14, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@kyteinsky kyteinsky kyteinsky approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@julien-nc @kyteinsky