Commit 116d8cfc authored by Eric Eastwood's avatar Eric Eastwood

Fix new personal access token showing up in a flash message

parent e0f84130
...@@ -8,7 +8,7 @@ class Profiles::PersonalAccessTokensController < Profiles::ApplicationController ...@@ -8,7 +8,7 @@ class Profiles::PersonalAccessTokensController < Profiles::ApplicationController
@personal_access_token = finder.build(personal_access_token_params) @personal_access_token = finder.build(personal_access_token_params)
if @personal_access_token.save if @personal_access_token.save
flash[:personal_access_token] = @personal_access_token.token PersonalAccessToken.redis_store!(current_user.id, @personal_access_token.token)
redirect_to profile_personal_access_tokens_path, notice: "Your new personal access token has been created." redirect_to profile_personal_access_tokens_path, notice: "Your new personal access token has been created."
else else
set_index_vars set_index_vars
...@@ -43,5 +43,7 @@ class Profiles::PersonalAccessTokensController < Profiles::ApplicationController ...@@ -43,5 +43,7 @@ class Profiles::PersonalAccessTokensController < Profiles::ApplicationController
@inactive_personal_access_tokens = finder(state: 'inactive').execute @inactive_personal_access_tokens = finder(state: 'inactive').execute
@active_personal_access_tokens = finder(state: 'active').execute.order(:expires_at) @active_personal_access_tokens = finder(state: 'active').execute.order(:expires_at)
@new_personal_access_token = PersonalAccessToken.redis_getdel(current_user.id)
end end
end end
...@@ -3,6 +3,8 @@ class PersonalAccessToken < ActiveRecord::Base ...@@ -3,6 +3,8 @@ class PersonalAccessToken < ActiveRecord::Base
include TokenAuthenticatable include TokenAuthenticatable
add_authentication_token_field :token add_authentication_token_field :token
REDIS_EXPIRY_TIME = 3.minutes
serialize :scopes, Array # rubocop:disable Cop/ActiveRecordSerialize serialize :scopes, Array # rubocop:disable Cop/ActiveRecordSerialize
belongs_to :user belongs_to :user
...@@ -27,6 +29,21 @@ class PersonalAccessToken < ActiveRecord::Base ...@@ -27,6 +29,21 @@ class PersonalAccessToken < ActiveRecord::Base
!revoked? && !expired? !revoked? && !expired?
end end
def self.redis_getdel(user_id)
Gitlab::Redis::SharedState.with do |redis|
token = redis.get(redis_shared_state_key(user_id))
redis.del(redis_shared_state_key(user_id))
token
end
end
def self.redis_store!(user_id, token)
Gitlab::Redis::SharedState.with do |redis|
redis.set(redis_shared_state_key(user_id), token, ex: REDIS_EXPIRY_TIME)
token
end
end
protected protected
def validate_scopes def validate_scopes
...@@ -38,4 +55,8 @@ class PersonalAccessToken < ActiveRecord::Base ...@@ -38,4 +55,8 @@ class PersonalAccessToken < ActiveRecord::Base
def set_default_scopes def set_default_scopes
self.scopes = Gitlab::Auth::DEFAULT_SCOPES if self.scopes.empty? self.scopes = Gitlab::Auth::DEFAULT_SCOPES if self.scopes.empty?
end end
def self.redis_shared_state_key(user_id)
"gitlab:personal_access_token:#{user_id}"
end
end end
...@@ -15,14 +15,13 @@ ...@@ -15,14 +15,13 @@
They are the only accepted password when you have Two-Factor Authentication (2FA) enabled. They are the only accepted password when you have Two-Factor Authentication (2FA) enabled.
.col-lg-8 .col-lg-8
- if @new_personal_access_token
- if flash[:personal_access_token]
.created-personal-access-token-container .created-personal-access-token-container
%h5.prepend-top-0 %h5.prepend-top-0
Your New Personal Access Token Your New Personal Access Token
.form-group .form-group
= text_field_tag 'created-personal-access-token', flash[:personal_access_token], readonly: true, class: "form-control js-select-on-focus", 'aria-describedby' => "created-personal-access-token-help-block" = text_field_tag 'created-personal-access-token', @new_personal_access_token, readonly: true, class: "form-control js-select-on-focus", 'aria-describedby' => "created-personal-access-token-help-block"
= clipboard_button(text: flash[:personal_access_token], title: "Copy personal access token to clipboard", placement: "left") = clipboard_button(text: @new_personal_access_token, title: "Copy personal access token to clipboard", placement: "left")
%span#created-personal-access-token-help-block.help-block.text-danger Make sure you save it - you won't be able to access it again. %span#created-personal-access-token-help-block.help-block.text-danger Make sure you save it - you won't be able to access it again.
%hr %hr
......
require 'spec_helper' require 'spec_helper'
describe PersonalAccessToken do describe PersonalAccessToken do
subject { described_class }
describe '.build' do describe '.build' do
let(:personal_access_token) { build(:personal_access_token) } let(:personal_access_token) { build(:personal_access_token) }
let(:invalid_personal_access_token) { build(:personal_access_token, :invalid) } let(:invalid_personal_access_token) { build(:personal_access_token, :invalid) }
...@@ -45,6 +47,29 @@ describe PersonalAccessToken do ...@@ -45,6 +47,29 @@ describe PersonalAccessToken do
end end
end end
describe 'Redis storage' do
let(:user_id) { 123 }
let(:token) { 'abc000foo' }
before do
subject.redis_store!(user_id, token)
end
it 'returns stored data' do
expect(subject.redis_getdel(user_id)).to eq(token)
end
context 'after deletion' do
before do
expect(subject.redis_getdel(user_id)).to eq(token)
end
it 'token is removed' do
expect(subject.redis_getdel(user_id)).to be_nil
end
end
end
context "validations" do context "validations" do
let(:personal_access_token) { build(:personal_access_token) } let(:personal_access_token) { build(:personal_access_token) }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment