Skip to content

missing route DELETE /users/{username}/tokens #4234

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
2 of 7 tasks
markuman opened this issue Jun 12, 2018 · 3 comments · Fixed by #4235
Closed
2 of 7 tasks

missing route DELETE /users/{username}/tokens #4234

markuman opened this issue Jun 12, 2018 · 3 comments · Fixed by #4235
Labels
modifies/api This PR adds API routes or modifies them type/enhancement An improvement of existing functionality
Milestone
1.6.0

Comments

@markuman
Copy link

  • Gitea version (or commit ref): 1.4.2
  • Git version: 2.7.4
  • Operating system: CentOS release 6.9 (Final)
  • Database (use [x]):
    • PostgreSQL
    • MySQL
    • MSSQL
    • SQLite
  • Can you reproduce the bug at https://try.gitea.io:
    • Yes (provide example URL)
    • No
    • Not relevant
  • Log gist:

Description

There are two API routes for the user auth token in the current swagger docs: https://try.gitea.io/api/swagger

GET /users/{username}/tokens 
    List the authenticated user's access tokens

POST /users/{username}/tokens 
    Create an access token

but DELETE a token for a user is missing.
See https://github.com/go-gitea/gitea/blob/908e8942ccae5b7966c7084780b3441e2190d9c1/routers/api/v1/user/app.go

So, what it needs (next to the swagger definitions) is, that the function
func DeleteAccessToken(ctx *context.APIContext)
in
gitea/routers/api/v1/user/app.go
is added, which calls models.DeleteAccessTokenByID(token_id, user_id), right?

Or is this route for some reason an unwanted feature?
@lafriks lafriks added type/enhancement An improvement of existing functionality modifies/api This PR adds API routes or modifies them labels Jun 12, 2018
@techknowlogick techknowlogick mentioned this issue Jun 12, 2018
Merged
@techknowlogick
Copy link
Member

@markuman I've just opened up PR #4235 to resolve this

Please test to ensure it works for your use-case.

@lunny lunny added this to the 1.6.0 milestone Jun 13, 2018
@markuman
Copy link
Author

markuman commented Jun 13, 2018
edited
Loading

@techknowlogick I'm not sure what I did wrong.
I simply do git checkout pr-4235 and run TAGS="bindata" make generate build.

So the swagger docs display the delete route now. But when I try to list the tokens before delete, I got an unauthorized response.

I tried http://127.0.0.1:3000/api/v1/users/m/tokens?token=2062451fcf99a33eba0a2a0a6cc6b2877901b929 and also with bearer auth token.
See the screenshot
unauth

hm even on my running 1.4.2 gitea, listing tokens doesn't work.
Any ideas?

@markuman markuman mentioned this issue Jun 13, 2018
Closed
7 tasks
@stevegt stevegt mentioned this issue Jun 13, 2018
Closed
@markuman
Copy link
Author

@techknowlogick here #3842 (comment) @bkcsoft pointed out, that basic auth is required for listing tokens.

$ curl --request GET --url https://m:[email protected]/api/v1/users/m/tokens
[{"name":"test","sha1":"..."},{"name":"dev","sha1":"..."}]

I also noticed that the {username} in the url specification /users/{username}/tokens is completely irrelevant.

$ curl --request GET --url https://m:[email protected]/api/v1/users/fasgdjfhgdsf/tokens
[{"name":"test","sha1":"..."},{"name":"dev","sha1":"..."}]

So the swagger specs should also be adjust (maybe with this merge request.

@markuman markuman mentioned this issue Jun 16, 2018
Closed
techknowlogick added a commit that referenced this issue Jul 7, 2018
@techknowlogick
Add ability to delete a token (#4235)
ab55ca7 
Fix #4234
@go-gitea go-gitea locked and limited conversation to collaborators Nov 24, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
modifies/api This PR adds API routes or modifies them type/enhancement An improvement of existing functionality
Projects
None yet
Milestone
1.6.0
Development

Successfully merging a pull request may close this issue.

Add ability to delete a token
4 participants
@lunny @techknowlogick @lafriks @markuman