feat(api-tokens): add ability to roll (regenerate) API token secrets and UI to display the newly generated token once
This commit is contained in:
@@ -1,5 +1,15 @@
|
||||
# Changelog
|
||||
|
||||
## 2026-02-27 - 10.1.0 - feat(api-tokens)
|
||||
add ability to roll (regenerate) API token secrets and UI to display the newly generated token once
|
||||
|
||||
- Server: added ApiTokenManager.rollToken(id) to regenerate a token secret, update its hash, persist it and log the action.
|
||||
- Server: added opsserver handler 'rollApiToken' which requires admin identity and returns the new raw token value (shown once) or error messages.
|
||||
- API: added typed request interface IReq_RollApiToken for the rollApiToken RPC.
|
||||
- Web: added appstate.rollApiToken wrapper to call the new typed request.
|
||||
- UI: ops-view-apitokens updated with a 'Roll' action and a modal flow to confirm rolling, call the API, refresh token list, and present the new token value to copy (token value is shown only once).
|
||||
- Security: operation is admin-only and the raw token is returned only once after rolling.
|
||||
|
||||
## 2026-02-27 - 10.0.0 - BREAKING CHANGE(remote-ingress)
|
||||
replace tlsConfigured boolean with tlsMode ('custom' | 'acme' | 'self-signed') and compute TLS mode server-side
|
||||
|
||||
|
||||
Reference in New Issue
Block a user