Hanne Moa
Hanne Moa
See also #1439, #1442
See #3684 for more ideas on how to fix the bug and where `str(APIToken)` is used.
Two branches for this I think: - [x] Fix __str__ on ApiToken to not reveal actual token (#3686) - [x] Rewrite existing auditlogs for APIToken to hide actual token (#3690)
Closing, the token is no longer copied/shown verbatim in the audit log or logging system, and existing audit logs are also altered.
@dependabot rebase
The information in this file is quite useful for humans, I wish there were a pre-existing standard for it that was tool-independent and meant for humans. OVERVIEW.md say.
I would move the htmx middleware before the authentication middleware. They are independent of each other. Also, not sure if the stock htmx middleware is the cause, but on Argus...
Agree about the migrations, the change to BigAutoField should already have happened . On Tuesday I hope to be able to check this properly. Do `python manage.py dbshell` against prod...