Remove Private Tokens (!14838) · Merge Requests · GitLab.org / GitLab FOSS

Merged

Opened Oct 12, 2017 by Douwe Maan @DouweM12 of 12 tasks completed12/12 tasks

Remove Private Tokens

To do:

Remove Private API Token from profile/account
Remove API::Session which can be used to get the private token when providing username/password
Remove UserWithPrivateDetails entity.
Remove all API/web authentication using private_token or authentication_token (they're the same thing)
Sudo scope (lib/api/helpers.rb:432)
Migrate Private tokens to PATs with the api scope, as well as the sudo scope if the user is an admin (depends on https://gitlab.com/gitlab-org/gitlab-ce/issues/38447)
Remove users.authentication_token
Update API docs (doc/api/README.md, doc/user/profile/personal_access_tokens.md)
Move RSS and incoming email tokens to Access Tokens (app/views/profiles/accounts/show.html.haml)
Fix specs
Add new specs
Add changelog item

Edited Nov 02, 2017 by Douwe Maan

Assignee

Assign to

10.2

Milestone

Assign milestone

Time tracking

0

Labels

None

Assign labels

Reference: gitlab-org/gitlab-foss!14838

This will create a new commit in order to revert the existing changes.

Revert in branch

Switch branch

A new branch will be created in your fork and a new merge request will be started.

Pick into branch

Switch branch

A new branch will be created in your fork and a new merge request will be started.