New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Makes report export overlay compatible with app specific tokens #16066
Conversation
Should the place holder and description be maybe "app specific token auth"? Could maybe also have a link to manage the tokens so user can create them easily? Not really sure though if this is actually needed? Not sure what the value be of being able to enter the token auth? It might again rather encourage to share the token? Code works though 👍 BTW could we add here: https://github.com/matomo-org/matomo/blob/4.x-dev/core/Access.php#L177 a |
Was thinking about that as well. But actually we are naming the tokens that way nowhere. In security settings they are simply called "auth tokens".
That's correct. But actually someone needs to enter an auth token and so he is doing that kind of on purpose... |
Tried that, but seems not that easy as we are using an angular radio field there, and HTML seems not to work in the option titles |
All good about the other comments 👍
I'm still not sure it's really needed that users can configure their actual token though? Not sure what the purpose is and when they would use it? |
If someone wants to use the generated url for anything outside of Matomo or wants to bookmark it for later usage for example. The session url wouldn't work for this... |
@sgiehl we rather not have this option for now to keep the UI easy and simple. I reckon only very few users would actually use it (like less than 5%) that way and then they could still simply replace the token in the URL manually. If few people ask for it later then we could still add it. |
@tsteur Should we add some kind of note then, that the generated URL will only work in the current session? Might otherwise be confusing for people why it's not possible anymore to use the link somewhere else. |
I reckon it's not needed. It's like any other link doesn't work somewhere else either. Of course this one used to work. Not sure if you have anything specific in mind? |
@tsteur We could maybe show something like: We could show the note maybe only when someone clicks show export url |
@sgiehl let's maybe show it as tooltip when they hover the export button, hide export URL or the textarea that is showing the URL. Maybe add a sentence:
|
@tsteur applied the changes. |
The export popover will now allow to choose between session auth or using a custom app specific token:
fixes #16043