[ARVADOS] updated: 2.1.0-541-gaf5e5d68e

Git user git at public.arvados.org
Mon Apr 5 21:45:25 UTC 2021 

Summary of changes:
 apps/workbench/app/controllers/sessions_controller.rb  | 3 ++-
 apps/workbench/app/views/users/_current_token.html.erb | 9 +++++++++
 2 files changed, 11 insertions(+), 1 deletion(-)

       via  af5e5d68e770343637510685cbf9c0deea665c02 (commit)
      from  e4749e7414f47464218fddc2315c21250efee634 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.


commit af5e5d68e770343637510685cbf9c0deea665c02
Author: Lucas Di Pentima <lucas at di-pentima.com.ar>
Date:   Mon Apr 5 18:35:08 2021 -0300

    16159: Pass token to expire to controller on logout.
    
    Also, adds a warning on the "current token" page about token's transciency.
    
    Arvados-DCO-1.1-Signed-off-by: Lucas Di Pentima <lucas at di-pentima.com.ar>

diff --git a/apps/workbench/app/controllers/sessions_controller.rb b/apps/workbench/app/controllers/sessions_controller.rb
index bff0f9f1c..6557fc062 100644
--- a/apps/workbench/app/controllers/sessions_controller.rb
+++ b/apps/workbench/app/controllers/sessions_controller.rb
@@ -10,8 +10,9 @@ class SessionsController < ApplicationController
   skip_before_action :ensure_arvados_api_exists
 
   def destroy
+    token = session[:arvados_api_token]
     session.clear
-    redirect_to arvados_api_client.arvados_logout_url(return_to: root_url)
+    redirect_to arvados_api_client.arvados_logout_url(return_to: root_url, api_token: token)
   end
 
   def logged_out
diff --git a/apps/workbench/app/views/users/_current_token.html.erb b/apps/workbench/app/views/users/_current_token.html.erb
index 6b1ec33a2..543d4ebae 100644
--- a/apps/workbench/app/views/users/_current_token.html.erb
+++ b/apps/workbench/app/views/users/_current_token.html.erb
@@ -14,6 +14,15 @@ SPDX-License-Identifier: AGPL-3.0 %>
 <div id="#manage_current_token" class="panel-body">
 <p>The Arvados API token is a secret key that enables the Arvados SDKs to access Arvados with the proper permissions. For more information see <%= link_to raw('Getting an API token'), "#{Rails.configuration.Workbench.ArvadosDocsite}/user/reference/api-tokens.html", target: "_blank"%>.</p>
 <p>Paste the following lines at a shell prompt to set up the necessary environment for Arvados SDKs to authenticate to your <b><%= current_user.username %></b> account.</p>
+<%
+  wb2_url = nil
+  if Rails.configuration.Services.Workbench2.ExternalURL != URI("")
+    wb2_url = Rails.configuration.Services.Workbench2.ExternalURL.to_s
+    wb2_url += '/' if wb2_url[-1] != '/'
+    wb2_url += "token?api_token=" + Thread.current[:arvados_api_token]
+  end
+%>
+<p><b>IMPORTANT:</b> This token will expire when logged out. If you need a token for a long running process, it is recommended to <% if wb2_url %><a href="<%= wb2_url %>">get a token from Workbench2's Get API token dialog</a>. <% else %> create a new token using the CLI tools.<% end %></p>
 
 <pre>
 HISTIGNORE=$HISTIGNORE:'export ARVADOS_API_TOKEN=*'

-----------------------------------------------------------------------


hooks/post-receive
--

More information about the arvados-commits mailing list