Skip to content

Commit cdb554c

Browse files
Turbo87Turbo87
authored
Change default API token expiration to 90 days (#9414)
Now that we have token expiration warning emails and an easy way to create a new token based on the settings of an existing one, we can finally change the default value of this setting to a slightly more secure value.
1 parent e550d74 commit cdb554c

File tree

4 files changed

+36
-15
lines changed

4 files changed

+36
-15
lines changed

app/controllers/settings/tokens/new.js

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -97,7 +97,7 @@ export default class NewTokenController extends Controller {
9797
reset() {
9898
this.name = '';
9999
this.nameInvalid = false;
100-
this.expirySelection = 'none';
100+
this.expirySelection = '90';
101101
this.expiryDateInput = null;
102102
this.expiryDateInvalid = false;
103103
this.scopes = [];

app/templates/settings/tokens/new.hbs

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -38,11 +38,11 @@
3838
data-test-expiry
3939
{{on "change" this.updateExpirySelection}}
4040
>
41-
<option value="none" selected>No expiration</option>
41+
<option value="none">No expiration</option>
4242
<option value="7">7 days</option>
4343
<option value="30">30 days</option>
4444
<option value="60">60 days</option>
45-
<option value="90">90 days</option>
45+
<option value="90" selected>90 days</option>
4646
<option value="365">365 days</option>
4747
<option value="custom">Custom...</option>
4848
</select>

e2e/routes/settings/tokens/new.spec.ts

Lines changed: 16 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -36,6 +36,7 @@ test.describe('/settings/tokens/new', { tag: '@routes' }, () => {
3636
await expect(page).toHaveURL('/settings/tokens/new');
3737

3838
await page.fill('[data-test-name]', 'token-name');
39+
await page.locator('[data-test-expiry]').selectOption('none');
3940
await page.click('[data-test-scope="publish-update"]');
4041
await page.click('[data-test-generate]');
4142

@@ -64,6 +65,7 @@ test.describe('/settings/tokens/new', { tag: '@routes' }, () => {
6465
await expect(page).toHaveURL('/settings/tokens/new');
6566

6667
await page.fill('[data-test-name]', 'token-name');
68+
await page.locator('[data-test-expiry]').selectOption('none');
6769
await page.click('[data-test-scope="publish-update"]');
6870
await page.click('[data-test-scope="yank"]');
6971

@@ -152,14 +154,21 @@ test.describe('/settings/tokens/new', { tag: '@routes' }, () => {
152154
test('token expiry', async ({ page }) => {
153155
await page.goto('/settings/tokens/new');
154156
await expect(page).toHaveURL('/settings/tokens/new');
155-
await expect(page.locator('[data-test-expiry-description]')).toHaveText('The token will never expire');
157+
await expect(page.locator('[data-test-name]')).toHaveValue('');
158+
await expect(page.locator('[data-test-expiry]')).toHaveValue('90');
159+
let expiryDate = new Date('2018-02-18T00:00:00');
160+
let expectedDate = expiryDate.toLocaleDateString(undefined, { dateStyle: 'long' });
161+
let expectedDescription = `The token will expire on ${expectedDate}`;
162+
await expect(page.locator('[data-test-expiry-description]')).toHaveText(expectedDescription);
156163

157164
await page.fill('[data-test-name]', 'token-name');
158-
await page.locator('[data-test-expiry]').selectOption('30');
165+
await page.locator('[data-test-expiry]').selectOption('none');
166+
await expect(page.locator('[data-test-expiry-description]')).toHaveText('The token will never expire');
159167

160-
let expiryDate = new Date('2017-12-20T00:00:00');
161-
let expectedDate = expiryDate.toLocaleDateString(undefined, { dateStyle: 'long' });
162-
let expectedDescription = `The token will expire on ${expectedDate}`;
168+
await page.locator('[data-test-expiry]').selectOption('30');
169+
expiryDate = new Date('2017-12-20T00:00:00');
170+
expectedDate = expiryDate.toLocaleDateString(undefined, { dateStyle: 'long' });
171+
expectedDescription = `The token will expire on ${expectedDate}`;
163172
await expect(page.locator('[data-test-expiry-description]')).toHaveText(expectedDescription);
164173

165174
await page.click('[data-test-scope="publish-update"]');
@@ -190,9 +199,10 @@ test.describe('/settings/tokens/new', { tag: '@routes' }, () => {
190199
test('token expiry with custom date', async ({ page }) => {
191200
await page.goto('/settings/tokens/new');
192201
await expect(page).toHaveURL('/settings/tokens/new');
193-
await expect(page.locator('[data-test-expiry-description]')).toHaveText('The token will never expire');
194202

195203
await page.fill('[data-test-name]', 'token-name');
204+
await page.locator('[data-test-expiry]').selectOption('none');
205+
await expect(page.locator('[data-test-expiry-description]')).toHaveText('The token will never expire');
196206
await page.locator('[data-test-expiry]').selectOption('custom');
197207
await expect(page.locator('[data-test-expiry-description]')).toHaveCount(0);
198208

tests/routes/settings/tokens/new-test.js

Lines changed: 17 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -56,6 +56,7 @@ module('/settings/tokens/new', function (hooks) {
5656
assert.strictEqual(currentURL(), '/settings/tokens/new');
5757

5858
await fillIn('[data-test-name]', 'token-name');
59+
await select('[data-test-expiry]', 'none');
5960
await click('[data-test-scope="publish-update"]');
6061
await click('[data-test-generate]');
6162

@@ -81,6 +82,7 @@ module('/settings/tokens/new', function (hooks) {
8182
assert.strictEqual(currentURL(), '/settings/tokens/new');
8283

8384
await fillIn('[data-test-name]', 'token-name');
85+
await select('[data-test-expiry]', 'none');
8486
await click('[data-test-scope="publish-update"]');
8587
await click('[data-test-scope="yank"]');
8688

@@ -150,14 +152,22 @@ module('/settings/tokens/new', function (hooks) {
150152

151153
await visit('/settings/tokens/new');
152154
assert.strictEqual(currentURL(), '/settings/tokens/new');
153-
assert.dom('[data-test-expiry-description]').hasText('The token will never expire');
155+
assert.dom('[data-test-name]').hasValue('');
156+
assert.dom('[data-test-expiry]').hasValue('90');
157+
let expiryDate = new Date('2018-02-18T00:00:00');
158+
let expectedDate = expiryDate.toLocaleDateString(undefined, { dateStyle: 'long' });
159+
let expectedDescription = `The token will expire on ${expectedDate}`;
160+
assert.dom('[data-test-expiry-description]').hasText(expectedDescription);
154161

155162
await fillIn('[data-test-name]', 'token-name');
156-
await select('[data-test-expiry]', '30');
157163

158-
let expiryDate = new Date('2017-12-20T00:00:00');
159-
let expectedDate = expiryDate.toLocaleDateString(undefined, { dateStyle: 'long' });
160-
let expectedDescription = `The token will expire on ${expectedDate}`;
164+
await select('[data-test-expiry]', 'none');
165+
assert.dom('[data-test-expiry-description]').hasText('The token will never expire');
166+
167+
await select('[data-test-expiry]', '30');
168+
expiryDate = new Date('2017-12-20T00:00:00');
169+
expectedDate = expiryDate.toLocaleDateString(undefined, { dateStyle: 'long' });
170+
expectedDescription = `The token will expire on ${expectedDate}`;
161171
assert.dom('[data-test-expiry-description]').hasText(expectedDescription);
162172

163173
await click('[data-test-scope="publish-update"]');
@@ -183,9 +193,10 @@ module('/settings/tokens/new', function (hooks) {
183193

184194
await visit('/settings/tokens/new');
185195
assert.strictEqual(currentURL(), '/settings/tokens/new');
186-
assert.dom('[data-test-expiry-description]').hasText('The token will never expire');
187196

188197
await fillIn('[data-test-name]', 'token-name');
198+
await select('[data-test-expiry]', 'none');
199+
assert.dom('[data-test-expiry-description]').hasText('The token will never expire');
189200
await select('[data-test-expiry]', 'custom');
190201
assert.dom('[data-test-expiry-description]').doesNotExist();
191202

0 commit comments

Comments
 (0)