Docker/mealie
Docker/mealie
1
0
Fork 0
mirror of https://github.com/mealie-recipes/mealie.git synced 2025-07-24 15:49:42 +02:00
Code Issues Releases Activity

fix: Remove API Tokens from User APIs (#4985)

Browse source
This commit is contained in:
Michael Genson 2025-01-29 13:52:12 -06:00 committed by GitHub
parent f2eadd2908
commit cb05adeb48
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
5 changed files with 41 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

19
tests/integration_tests/user_tests/test_user_api_token.py
View file

@ -17,6 +17,25 @@ def long_live_token(api_client: TestClient, admin_token):
def test_api_token_creation(api_client: TestClient, admin_token):
response = api_client.post(api_routes.users_api_tokens, json={"name": "Test API Token"}, headers=admin_token)
assert response.status_code == 201
assert response.json()["token"]
def test_api_token_private(api_client: TestClient, admin_token):
response = api_client.post(api_routes.users_api_tokens, json={"name": "Test API Token"}, headers=admin_token)
assert response.status_code == 201
response = api_client.get(api_routes.users, headers=admin_token, params={"perPage": -1})
assert response.status_code == 200
for user in response.json()["items"]:
for user_token in user["tokens"] or []:
assert "token" not in user_token
response = api_client.get(api_routes.users_self, headers=admin_token)
assert response.status_code == 200
response_json = response.json()
assert response_json["tokens"]
for user_token in response_json["tokens"]:
assert "token" not in user_token
def test_use_token(api_client: TestClient, long_live_token):