UI For Access Tokens Shows "Never Expire" If No Date Is Selected - But does expire in default 30 days
Everyone can contribute. Help move this issue forward while earning points, leveling up and collecting rewards.
Summary
If no date is selected for an Access Token (by click the x on the date picker), the UI will show that token as Expiring: Never though token will expire in 30 days by default.
Steps to reproduce
- Go to Profile
- Click to Access Token
- Give the token a name, perhaps 'test of UI'
- In
Expiration datedate picker, click on thexto remove the date mention. You should then only seeYYYY-MM-DDin the date picker - Select an any API scope (one or more)
- Click
Create Personal Access Token - Observe that the token is created and shown as
Never Expire
What is the current bug behavior?
So one creates a token one thinks is good "forever", only to debug why they get auth errors at a seemingly random time (but is actually 30 days from when the token was created)
What is the expected correct behavior?
If a user attempts to create a token with no date, the UI should show a date 30days out, or cause an error and say they need to select a date.
Output of checks
This bug happens on GitLab.com
Possible fixes
Unclear where in the code base; would be interested in working on a possible solution (as this impacted a coworker). At a high level two solutions,
- a check that indicates a date must be picked and the
Create Personal Access Tokenbutton remains grayed out or - If no date is selected, the UI displays a date 30 days out, rather then
Never
Text on the PAT screen should be updated to indicate a default expiration date is set to 30 days.