-
-
Notifications
You must be signed in to change notification settings - Fork 2.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
2.0.2 lost --apikey configuration and the abbility to specify an APIKEY via a file #6374
Comments
Thanks for the issue and sorry for my absense. As the APIKey option was not that difficult to add I'll readd support for that so you can choose between OAuth or API key. OAuth should be more secure as the key has a lifetime and you don't share the key with other people. |
Hello, Is there a chance this might be incomplete?. When trying to perform a pad deletion through the API I get a It seems it fails to pass this condition |
@SamTV12345 I'm also at last commit and not able to use the API anymore, though I have set It seems from the log it's being loaded properly. But all API calls give
|
I fixed authorization with authorization header. I guess you were only trying through that. The query parameter worked. |
I think this still doesn't work: |
Now it's finally fixed. Found the missing piece why it still didn't work via URL |
Describe the bug
2.0.2 lost --apikey configuration and the ability to specify an APIKEY via a file
some code references
fb56809#diff-56c1caaf7d4537bb927753753c7af805d5076ebf007dc4355eb47f570ea9fbe6L48
fb56809#diff-44bdd670b7e9c3a0511454a28c560903253342a74370d0a0d8556564ecc2c555L37
fb56809#diff-44bdd670b7e9c3a0511454a28c560903253342a74370d0a0d8556564ecc2c555L198
that is more than a breaking change while only changing the patch version!
based on the changelog it does introduce ADDITIONAL behavior rather then removing existing https://github.com/ether/etherpad-lite/blob/develop/CHANGELOG.md#202
on top of that there are still references to the APIKEY file in code, mostly in utility scripts found in bin
making me think that the removal of the apikey logic was not done on purpose
if oauth is the only way forward, is there a migration strategy?
The text was updated successfully, but these errors were encountered: