# 456 Rework API key creation

* removes frontend input field holding generated API key * replaces with modal form * reworks tests on API token form
2025-01-08 16:03:26 +01:00
parent 123a470006
commit 9b63307f01
11 changed files with 214 additions and 389 deletions
--- a/user/forms/user.py
+++ b/user/forms/user.py
@@ -66,48 +66,3 @@ class UserNotificationForm(BaseForm):
            id__in=selected_notification_ids,
        )
        self.user.notifications.set(notifications)
-
-
-class UserAPITokenForm(BaseForm):
-    token = forms.CharField(
-        label=_("Token"),
-        label_suffix="",
-        max_length=255,
-        required=True,
-        help_text=_("Generated automatically - not editable"),
-        widget=GenerateInput(
-            attrs={
-                "class": "form-control",
-                "url": reverse_lazy("api:generate-new-token"),
-            }
-        )
-    )
-
-    def __init__(self, *args, **kwargs):
-        super().__init__(*args, **kwargs)
-        self.form_title = _("Create new token")
-        self.form_caption = _("A new token needs to be validated by an administrator!")
-
-        self.action_url = reverse("user:api-token")
-        self.cancel_redirect = reverse("user:index")
-
-        # Make direct token editing by user impossible. Instead set the proper url for generating a new token
-        self.initialize_form_field("token", None)
-        self.fields["token"].widget.attrs["readonly"] = True
-
-    def save(self):
-        """ Saves the form data
-
-        Returns:
-            api_token (APIUserToken)
-        """
-        user = self.instance
-        new_token = self.cleaned_data["token"]
-        if user.api_token is not None:
-            user.api_token.delete()
-        new_token = APIUserToken.objects.create(
-            token=new_token
-        )
-        user.api_token = new_token
-        user.save()
-        return new_token