get auth token on profile page (#4703)

* get auth token on profile page * [user settings] web api auth token: fixup & improvement Co-authored-by: lian <lian@seafile.com> Co-authored-by: llj <lingjun.li1@gmail.com>
2025-09-02 23:48:47 +00:00 · 2020-10-23 16:18:03 +08:00
parent 711f4f72fb
commit af691dab1b
6 changed files with 63 additions and 4 deletions
--- a/frontend/src/components/user-settings/web-api-auth-token.js
+++ b/frontend/src/components/user-settings/web-api-auth-token.js
@@ -0,0 +1,41 @@
+import React from 'react';
+import { gettext } from '../../utils/constants';
+import { seafileAPI } from '../../utils/seafile-api';
+import { Utils } from '../../utils/utils';
+import toaster from '../toast';
+
+class WebAPIAuthToken extends React.Component {
+
+  constructor(props) {
+    super(props);
+    this.state = {
+      authToken: '******'
+    };
+  }
+
+  getAuthToken = () => {
+    seafileAPI.getAuthTokenBySession().then((res) => {
+      this.setState({
+        authToken: res.data.token
+      });
+    }).catch((error) => {
+      let errMessage = Utils.getErrorMsg(error);
+      toaster.danger(errMessage);
+    });
+  }
+
+  render() {
+    const { authToken } = this.state;
+    return (
+      <div id="get-auth-token" className="setting-item">
+        <h3 className="setting-item-heading">{gettext('Web API Auth Token')}</h3>
+        <div className="d-flex align-items-center">
+          <input type="text" readOnly={true} value={authToken} className="form-control mr-2 col-sm-5" />
+          <button className="btn btn-outline-primary" onClick={this.getAuthToken}>{gettext('Get')}</button>
+        </div>
+      </div>
+    );
+  }
+}
+
+export default WebAPIAuthToken;
--- a/frontend/src/settings.js
+++ b/frontend/src/settings.js
@@ -9,6 +9,7 @@ import CommonToolbar from './components/toolbar/common-toolbar';
 import SideNav from './components/user-settings/side-nav';
 import UserAvatarForm from './components/user-settings/user-avatar-form';
 import UserBasicInfoForm from './components/user-settings/user-basic-info-form';
+import WebAPIAuthToken from './components/user-settings/web-api-auth-token';
 import WebdavPassword from './components/user-settings/webdav-password';
 import LanguageSetting from './components/user-settings/language-setting';
 import ListInAddressBook from './components/user-settings/list-in-address-book';
@@ -25,8 +26,9 @@ import './css/user-settings.css';

 const {
  canUpdatePassword, passwordOperationText,
-  enableAddressBook,
+  enableGetAuthToken,
  enableWebdavSecret,
+  enableAddressBook,
  twoFactorAuthEnabled,
  enableWechatWork,
  enableDingtalk,
@@ -40,6 +42,7 @@ class Settings extends React.Component {
    this.sideNavItems = [
      {show: true, href: '#user-basic-info', text: gettext('Profile')},
      {show: canUpdatePassword, href: '#update-user-passwd', text: gettext('Password')},
+      {show: enableGetAuthToken, href: '#get-auth-token', text: gettext('Web API Auth Token')},
      {show: enableWebdavSecret, href: '#update-webdav-passwd', text: gettext('WebDav Password')},
      {show: enableAddressBook, href: '#list-in-address-book', text: gettext('Global Address Book')},
      {show: true, href: '#lang-setting', text: gettext('Language')},
@@ -129,9 +132,11 @@ class Settings extends React.Component {
                  <a href={`${siteRoot}accounts/password/change/`} className="btn btn-outline-primary">{passwordOperationText}</a>
                </div>
                }
+
+                {enableGetAuthToken && <WebAPIAuthToken />}
                {enableWebdavSecret && <WebdavPassword />}
                {enableAddressBook && this.state.userInfo &&
-                <ListInAddressBook userInfo={this.state.userInfo} updateUserInfo={this.updateUserInfo} />}
+                  <ListInAddressBook userInfo={this.state.userInfo} updateUserInfo={this.updateUserInfo} />}
                <LanguageSetting />
                {isPro && <EmailNotice />}
                {twoFactorAuthEnabled && <TwoFactorAuthentication />}
--- a/seahub/api2/endpoints/auth_token_by_session.py
+++ b/seahub/api2/endpoints/auth_token_by_session.py
@@ -3,9 +3,12 @@ from rest_framework.authentication import SessionAuthentication
 from rest_framework.permissions import IsAuthenticated
 from rest_framework.response import Response
 from rest_framework.views import APIView
+from rest_framework import status

 from seahub.api2.throttling import UserRateThrottle
-from seahub.api2.utils import get_token_v1
+from seahub.api2.utils import get_token_v1, api_error
+
+from seahub.settings import ENABLE_GET_AUTH_TOKEN_BY_SESSION


 class AuthTokenBySession(APIView):
@@ -18,6 +21,10 @@ class AuthTokenBySession(APIView):

    def get(self, request):

+        if not ENABLE_GET_AUTH_TOKEN_BY_SESSION:
+            error_msg = 'Feature is not enabled.'
+            return api_error(status.HTTP_403_FORBIDDEN, error_msg)
+
        token = get_token_v1(request.user.username)

        return Response({'token': token.key})
--- a/seahub/profile/templates/profile/set_profile_react.html
+++ b/seahub/profile/templates/profile/set_profile_react.html
@@ -18,12 +18,14 @@ window.app.pageOptions = {
  enableUpdateUserInfo: {% if ENABLE_UPDATE_USER_INFO %} true {% else %} false {% endif %},
  nameLabel: "{% trans "Name:" context "true name" %}",
  enableUserSetContactEmail: {% if ENABLE_USER_SET_CONTACT_EMAIL %} true {% else %} false {% endif %},
-  
+
  canUpdatePassword: {% if not is_ldap_user and ENABLE_CHANGE_PASSWORD %} true {% else %} false {% endif %},
  {% if not is_ldap_user and ENABLE_CHANGE_PASSWORD %}
  passwordOperationText: {% if user_unusable_password %}"{% trans "Set Password" %}"{% else %}"{% trans "Update" %}"{% endif %},
  {% endif %}

+  enableGetAuthToken: {% if ENABLE_GET_AUTH_TOKEN_BY_SESSION %} true {% else %} false {% endif %},
+
  enableWebdavSecret: {% if ENABLE_WEBDAV_SECRET %} true {% else %} false {% endif %},
  {% if ENABLE_WEBDAV_SECRET %}
  webdavPasswd: '{{ webdav_passwd|escapejs }}',
--- a/seahub/profile/views.py
+++ b/seahub/profile/views.py
@@ -118,6 +118,7 @@ def edit_profile(request):
            'is_ldap_user': is_ldap_user(request.user),
            'two_factor_auth_enabled': has_two_factor_auth(),
            'ENABLE_CHANGE_PASSWORD': settings.ENABLE_CHANGE_PASSWORD,
+            'ENABLE_GET_AUTH_TOKEN_BY_SESSION': settings.ENABLE_GET_AUTH_TOKEN_BY_SESSION,
            'ENABLE_WEBDAV_SECRET': settings.ENABLE_WEBDAV_SECRET,
            'ENABLE_DELETE_ACCOUNT': ENABLE_DELETE_ACCOUNT,
            'ENABLE_UPDATE_USER_INFO': ENABLE_UPDATE_USER_INFO,
--- a/seahub/settings.py
+++ b/seahub/settings.py
@@ -392,6 +392,9 @@ FORCE_PASSWORD_CHANGE = True
 # Enable a user to change password in 'settings' page.
 ENABLE_CHANGE_PASSWORD = True

+# Enable a user to get auth token in 'settings' page.
+ENABLE_GET_AUTH_TOKEN_BY_SESSION = False
+
 ENABLE_DELETE_ACCOUNT = True
 ENABLE_UPDATE_USER_INFO = True