issue_comments
47 rows where "created_at" is on date 2022-10-26 sorted by updated_at descending
This data as json, CSV (advanced)
Suggested facets: issue_url, reactions, created_at (date)
user 6
- simonw 42
- eyeseast 1
- CharlesNepote 1
- ocdtrekkie 1
- chapmanjacobd 1
- asg017 1
id | html_url | issue_url | node_id | user | created_at | updated_at ▲ | author_association | body | reactions | issue | performed_via_github_app |
---|---|---|---|---|---|---|---|---|---|---|---|
1292709818 | https://github.com/simonw/datasette/issues/1858#issuecomment-1292709818 | https://api.github.com/repos/simonw/datasette/issues/1858 | IC_kwDOBm6k_c5NDS-6 | simonw 9599 | 2022-10-26T22:07:04Z | 2022-10-26T22:07:04Z | OWNER | New token design:
|
{ "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
`max_signed_tokens_ttl` setting for a maximum duration on API tokens 1423364990 | |
1292708227 | https://github.com/simonw/datasette/issues/1858#issuecomment-1292708227 | https://api.github.com/repos/simonw/datasette/issues/1858 | IC_kwDOBm6k_c5NDSmD | simonw 9599 | 2022-10-26T22:05:34Z | 2022-10-26T22:05:34Z | OWNER | I just realized this can't easily affect the More to the point: even if it did, someone could abuse their knowledge of the secret to create a signed non-expiring token even on servers that didn't want to support those. So I actually need to redesign the token format: it needs to store the timestamp when the token was created and the intended duration, NOT the timestamp that the token expires at. Otherwise it's not possible for servers to enforce |
{ "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
`max_signed_tokens_ttl` setting for a maximum duration on API tokens 1423364990 | |
1292687774 | https://github.com/simonw/datasette/issues/1858#issuecomment-1292687774 | https://api.github.com/repos/simonw/datasette/issues/1858 | IC_kwDOBm6k_c5NDNme | simonw 9599 | 2022-10-26T21:44:57Z | 2022-10-26T21:44:57Z | OWNER | I'm going for consistency with So |
{ "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
`max_signed_tokens_ttl` setting for a maximum duration on API tokens 1423364990 | |
1292685478 | https://github.com/simonw/datasette/issues/1860#issuecomment-1292685478 | https://api.github.com/repos/simonw/datasette/issues/1860 | IC_kwDOBm6k_c5NDNCm | simonw 9599 | 2022-10-26T21:42:35Z | 2022-10-26T21:42:35Z | OWNER | That's deployed to https://latest.datasette.io/ now - some examples:
|
{ "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
SQL query field can't begin by a comment 1424378012 | |
1292679567 | https://github.com/simonw/datasette/issues/1860#issuecomment-1292679567 | https://api.github.com/repos/simonw/datasette/issues/1860 | IC_kwDOBm6k_c5NDLmP | simonw 9599 | 2022-10-26T21:36:25Z | 2022-10-26T21:36:25Z | OWNER | I'm never 100% sure how to tell if a regular expression includes a nasty denial of service attack - are there any inputs that could cause this new regex to execute in quadratic time or similar? |
{ "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
SQL query field can't begin by a comment 1424378012 | |
1292678657 | https://github.com/simonw/datasette/issues/1860#issuecomment-1292678657 | https://api.github.com/repos/simonw/datasette/issues/1860 | IC_kwDOBm6k_c5NDLYB | simonw 9599 | 2022-10-26T21:35:23Z | 2022-10-26T21:35:37Z | OWNER | Here are the new tests - each of these should now work: https://github.com/simonw/datasette/blob/55a709c480a1e7401b4ff6208f37a2cf7c682183/tests/test_utils.py#L170-L175 |
{ "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
SQL query field can't begin by a comment 1424378012 | |
1292674919 | https://github.com/simonw/datasette/issues/1860#issuecomment-1292674919 | https://api.github.com/repos/simonw/datasette/issues/1860 | IC_kwDOBm6k_c5NDKdn | simonw 9599 | 2022-10-26T21:31:22Z | 2022-10-26T21:31:22Z | OWNER | I'm experimenting with this: ```python Allow SQL to start with a / / or -- commentcomment_re = ( # Start of string, then any amount of whitespace r'^(\s' + # Comment that starts with -- and ends at a newline r'(?:--.?\n\s)' + # Comment that starts with / and ends with / r'|(?:/*[\s\S]?*/)' + # Whitespace r')\s' ) allowed_sql_res = [ re.compile(comment_re + r"select\b"), re.compile(comment_re + r"explain\s+select\b"), re.compile(comment_re + r"explain\s+query\s+plan\s+select\b"), re.compile(comment_re + r"with\b"), re.compile(comment_re + r"explain\s+with\b"), re.compile(comment_re + r"explain\s+query\s+plan\s+with\b"), ] ``` This should allow any number of comments of either type as a suffix to the allowed SQL patterns. Needs extensive unit tests! I'm not massively worried if it has a flaw in it though, since this is part of Datasette's defense in depth: if a non-SELECT query sneaks through it still shouldn't be able to cause any damage as the database connection is read-only or immutable. |
{ "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
SQL query field can't begin by a comment 1424378012 | |
1292659986 | https://github.com/simonw/datasette/issues/1860#issuecomment-1292659986 | https://api.github.com/repos/simonw/datasette/issues/1860 | IC_kwDOBm6k_c5NDG0S | simonw 9599 | 2022-10-26T21:14:26Z | 2022-10-26T21:15:22Z | OWNER | Yeah we should fix this. https://www.sqlite.org/lang_comment.html - SQLite also supports I like how explicit the documentation is here:
|
{ "total_count": 1, "+1": 1, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
SQL query field can't begin by a comment 1424378012 | |
1292654852 | https://github.com/simonw/datasette/issues/1849#issuecomment-1292654852 | https://api.github.com/repos/simonw/datasette/issues/1849 | IC_kwDOBm6k_c5NDFkE | simonw 9599 | 2022-10-26T21:08:44Z | 2022-10-26T21:08:44Z | OWNER | Generally though we should expect that people might try to use |
{ "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
NoneType' object has no attribute 'actor' 1420174670 | |
1292654522 | https://github.com/simonw/datasette/issues/1849#issuecomment-1292654522 | https://api.github.com/repos/simonw/datasette/issues/1849 | IC_kwDOBm6k_c5NDFe6 | simonw 9599 | 2022-10-26T21:08:20Z | 2022-10-26T21:08:20Z | OWNER | From the stack trace in Sentry: So this happened because a custom plugin tried to render |
{ "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
NoneType' object has no attribute 'actor' 1420174670 | |
1292653219 | https://github.com/simonw/datasette/issues/1849#issuecomment-1292653219 | https://api.github.com/repos/simonw/datasette/issues/1849 | IC_kwDOBm6k_c5NDFKj | simonw 9599 | 2022-10-26T21:06:56Z | 2022-10-26T21:06:56Z | OWNER | This was a hit to an authenticated page where the incoming user WAS logged in but did not have permission to view that specific page. Code in question: https://github.com/simonw/datasette/blob/c7dd76c26257ded5bcdfd0570e12412531b8b88f/datasette/app.py#L634-L640 |
{ "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
NoneType' object has no attribute 'actor' 1420174670 | |
1292592210 | https://github.com/simonw/datasette/issues/1851#issuecomment-1292592210 | https://api.github.com/repos/simonw/datasette/issues/1851 | IC_kwDOBm6k_c5NC2RS | eyeseast 25778 | 2022-10-26T20:03:46Z | 2022-10-26T20:03:46Z | CONTRIBUTOR | Yeah, every time I see something cool done with triggers, I remember that I need to start using triggers. |
{ "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
API to insert a single record into an existing table 1421544654 | |
1292544296 | https://github.com/simonw/datasette/issues/1851#issuecomment-1292544296 | https://api.github.com/repos/simonw/datasette/issues/1851 | IC_kwDOBm6k_c5NCqko | simonw 9599 | 2022-10-26T19:33:34Z | 2022-10-26T19:33:34Z | OWNER | That trigger solution is pretty neat! |
{ "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
API to insert a single record into an existing table 1421544654 | |
1292519956 | https://github.com/simonw/datasette/issues/1851#issuecomment-1292519956 | https://api.github.com/repos/simonw/datasette/issues/1851 | IC_kwDOBm6k_c5NCkoU | asg017 15178711 | 2022-10-26T19:20:33Z | 2022-10-26T19:20:33Z | CONTRIBUTOR |
@eyeseast Maybe you could do this with triggers? Like you can insert JSON-friendly data into a "raw" table, and create a trigger that transforms that inserted data into the proper table Here's an example: ```sql -- meant to be updated from a Datasette insert create table points_raw(longitude int, latitude int); -- the target table with proper spatliate geometries create table points(point geometry); CREATE TRIGGER insert_points_raw INSERT ON points_raw BEGIN insert into points(point) values (makepoint(new.longitude, new.latitude)) END; ``` You could then POST a new row to Then SQLite with run the trigger and insert a new row in |
{ "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
API to insert a single record into an existing table 1421544654 | |
1292401308 | https://github.com/simonw/sqlite-utils/pull/499#issuecomment-1292401308 | https://api.github.com/repos/simonw/sqlite-utils/issues/499 | IC_kwDOCGYnMM5NCHqc | chapmanjacobd 7908073 | 2022-10-26T17:54:26Z | 2022-10-26T17:54:51Z | CONTRIBUTOR | The problem with how it is currently is that the transformed fts table will return incorrect results (unless the table was only 1 row or something), even if create_triggers was enabled previously. Maybe the simplest solution is to disable fts on a transformed table rather than try to recreate it? Thoughts? |
{ "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
feat: recreate fts triggers after table transform 1405196044 | |
1292390996 | https://github.com/simonw/datasette/issues/1860#issuecomment-1292390996 | https://api.github.com/repos/simonw/datasette/issues/1860 | IC_kwDOBm6k_c5NCFJU | CharlesNepote 562352 | 2022-10-26T17:43:41Z | 2022-10-26T17:43:41Z | NONE | I guess the issue is here: https://github.com/simonw/datasette/blob/9676b2deb07cff20247ba91dad3e84a4ab0b00d1/datasette/utils/init.py#L209 Here is a working regexp allowing it:
You can play with the regexp here: https://regex101.com/r/aESXDL/3 |
{ "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
SQL query field can't begin by a comment 1424378012 | |
1291485444 | https://github.com/simonw/datasette/issues/1855#issuecomment-1291485444 | https://api.github.com/repos/simonw/datasette/issues/1855 | IC_kwDOBm6k_c5M-oEE | simonw 9599 | 2022-10-26T04:30:34Z | 2022-10-26T04:30:34Z | OWNER | I'm going to delay working on this until after I have some of the write APIs built to try it against: - #1851 |
{ "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
`datasette create-token` ability to create tokens with a reduced set of permissions 1423336089 | |
1291484749 | https://github.com/simonw/datasette/issues/1859#issuecomment-1291484749 | https://api.github.com/repos/simonw/datasette/issues/1859 | IC_kwDOBm6k_c5M-n5N | simonw 9599 | 2022-10-26T04:29:43Z | 2022-10-26T04:29:43Z | OWNER | { "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
datasette create-token CLI command 1423369494 | ||
1291467084 | https://github.com/simonw/datasette/issues/1843#issuecomment-1291467084 | https://api.github.com/repos/simonw/datasette/issues/1843 | IC_kwDOBm6k_c5M-jlM | simonw 9599 | 2022-10-26T04:03:49Z | 2022-10-26T04:03:49Z | OWNER | This time I'm suspicious that there are open SQLite files tucked away in thread locals hidden inside my thread pool executor: |
{ "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
Intermittent "Too many open files" error running tests 1408757705 | |
1291466613 | https://github.com/simonw/datasette/issues/1843#issuecomment-1291466613 | https://api.github.com/repos/simonw/datasette/issues/1843 | IC_kwDOBm6k_c5M-jd1 | simonw 9599 | 2022-10-26T04:02:56Z | 2022-10-26T04:02:56Z | OWNER | Just saw this error again! |
{ "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
Intermittent "Too many open files" error running tests 1408757705 | |
1291439998 | https://github.com/simonw/datasette/issues/1859#issuecomment-1291439998 | https://api.github.com/repos/simonw/datasette/issues/1859 | IC_kwDOBm6k_c5M-c9- | simonw 9599 | 2022-10-26T03:15:13Z | 2022-10-26T03:15:13Z | OWNER | Reads from |
{ "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
datasette create-token CLI command 1423369494 | |
1291439875 | https://github.com/simonw/datasette/issues/1859#issuecomment-1291439875 | https://api.github.com/repos/simonw/datasette/issues/1859 | IC_kwDOBm6k_c5M-c8D | simonw 9599 | 2022-10-26T03:14:58Z | 2022-10-26T03:14:58Z | OWNER | Initial design:
Or:
|
{ "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
datasette create-token CLI command 1423369494 | |
1291435464 | https://github.com/simonw/datasette/issues/1858#issuecomment-1291435464 | https://api.github.com/repos/simonw/datasette/issues/1858 | IC_kwDOBm6k_c5M-b3I | simonw 9599 | 2022-10-26T03:07:16Z | 2022-10-26T03:07:16Z | OWNER | This setting will disable the "Token never expires" option: |
{ "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
`max_signed_tokens_ttl` setting for a maximum duration on API tokens 1423364990 | |
1291406219 | https://github.com/simonw/datasette/issues/1852#issuecomment-1291406219 | https://api.github.com/repos/simonw/datasette/issues/1852 | IC_kwDOBm6k_c5M-UuL | simonw 9599 | 2022-10-26T02:19:54Z | 2022-10-26T02:59:52Z | OWNER | I'm going to split the remaining work into separate issues:
|
{ "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
Default API token authentication mechanism 1421552095 | |
1291431132 | https://github.com/simonw/datasette/issues/1852#issuecomment-1291431132 | https://api.github.com/repos/simonw/datasette/issues/1852 | IC_kwDOBm6k_c5M-azc | simonw 9599 | 2022-10-26T02:59:50Z | 2022-10-26T02:59:50Z | OWNER | { "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
Default API token authentication mechanism 1421552095 | ||
1291430992 | https://github.com/simonw/datasette/issues/1850#issuecomment-1291430992 | https://api.github.com/repos/simonw/datasette/issues/1850 | IC_kwDOBm6k_c5M-axQ | simonw 9599 | 2022-10-26T02:59:33Z | 2022-10-26T02:59:33Z | OWNER | I started the documentation for the API tokens mechanism here: https://docs.datasette.io/en/1.0-dev/authentication.html#api-tokens |
{ "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
Write API in Datasette core 1421529723 | |
1291418546 | https://github.com/simonw/datasette/issues/1857#issuecomment-1291418546 | https://api.github.com/repos/simonw/datasette/issues/1857 | IC_kwDOBm6k_c5M-Xuy | simonw 9599 | 2022-10-26T02:38:35Z | 2022-10-26T02:38:35Z | OWNER | I'm going to set a convention that an actor signed in via a token should set |
{ "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
Prevent API tokens from using /-/create-token to create more tokens 1423347412 | |
1291417755 | https://github.com/simonw/datasette/issues/1850#issuecomment-1291417755 | https://api.github.com/repos/simonw/datasette/issues/1850 | IC_kwDOBm6k_c5M-Xib | simonw 9599 | 2022-10-26T02:36:52Z | 2022-10-26T02:36:58Z | OWNER | I'm going to set a convention that
|
{ "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
Write API in Datasette core 1421529723 | |
1291417100 | https://github.com/simonw/datasette/issues/1850#issuecomment-1291417100 | https://api.github.com/repos/simonw/datasette/issues/1850 | IC_kwDOBm6k_c5M-XYM | simonw 9599 | 2022-10-26T02:35:32Z | 2022-10-26T02:35:32Z | OWNER | It strikes me that users should NOT be able to use a token to create additional tokens. The current design actually does allow that, since the So I think I need a mechanism whereby that page can only allow access to users authenticated by cookie. Not obvious how to do that though, since Datasette's authentication actor system is designed to abstract that detail away! |
{ "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
Write API in Datasette core 1421529723 | |
1291410747 | https://github.com/simonw/datasette/issues/1856#issuecomment-1291410747 | https://api.github.com/repos/simonw/datasette/issues/1856 | IC_kwDOBm6k_c5M-V07 | simonw 9599 | 2022-10-26T02:27:05Z | 2022-10-26T02:27:05Z | OWNER | Because of that I think this is a better name:
|
{ "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
allow_signed_tokens setting for disabling API signed token mechanism 1423336122 | |
1291410331 | https://github.com/simonw/datasette/issues/1856#issuecomment-1291410331 | https://api.github.com/repos/simonw/datasette/issues/1856 | IC_kwDOBm6k_c5M-Vub | simonw 9599 | 2022-10-26T02:26:19Z | 2022-10-26T02:26:19Z | OWNER | It's a bit confusing that a setting called Is it confusing enough that I should pick a different name for the setting though? |
{ "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
allow_signed_tokens setting for disabling API signed token mechanism 1423336122 | |
1291409312 | https://github.com/simonw/datasette/issues/1856#issuecomment-1291409312 | https://api.github.com/repos/simonw/datasette/issues/1856 | IC_kwDOBm6k_c5M-Veg | simonw 9599 | 2022-10-26T02:24:49Z | 2022-10-26T02:24:49Z | OWNER | The effect of this setting will be:
|
{ "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
allow_signed_tokens setting for disabling API signed token mechanism 1423336122 | |
1291397623 | https://github.com/simonw/datasette/issues/1852#issuecomment-1291397623 | https://api.github.com/repos/simonw/datasette/issues/1852 | IC_kwDOBm6k_c5M-Sn3 | simonw 9599 | 2022-10-26T02:11:40Z | 2022-10-26T02:11:40Z | OWNER | Built a prototype of the
|
{ "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
Default API token authentication mechanism 1421552095 | |
1291392887 | https://github.com/simonw/datasette/issues/1852#issuecomment-1291392887 | https://api.github.com/repos/simonw/datasette/issues/1852 | IC_kwDOBm6k_c5M-Rd3 | simonw 9599 | 2022-10-26T02:04:48Z | 2022-10-26T02:04:48Z | OWNER | Implemented that |
{ "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
Default API token authentication mechanism 1421552095 | |
1291290451 | https://github.com/simonw/datasette/issues/1852#issuecomment-1291290451 | https://api.github.com/repos/simonw/datasette/issues/1852 | IC_kwDOBm6k_c5M94dT | simonw 9599 | 2022-10-26T00:49:56Z | 2022-10-26T00:49:56Z | OWNER | Prefix: |
{ "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
Default API token authentication mechanism 1421552095 | |
1291289369 | https://github.com/simonw/datasette/issues/1852#issuecomment-1291289369 | https://api.github.com/repos/simonw/datasette/issues/1852 | IC_kwDOBm6k_c5M94MZ | simonw 9599 | 2022-10-26T00:47:46Z | 2022-10-26T00:47:46Z | OWNER | The tokens also need something that can be used to differentiate them from alternative token mechanisms that other plugins might provide. Maybe a prefix before the signed value. Prefixes are also useful for scanning to check they were not accidentally committed to source control. |
{ "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
Default API token authentication mechanism 1421552095 | |
1291272280 | https://github.com/simonw/datasette/issues/1852#issuecomment-1291272280 | https://api.github.com/repos/simonw/datasette/issues/1852 | IC_kwDOBm6k_c5M90BY | simonw 9599 | 2022-10-26T00:16:09Z | 2022-10-26T00:46:21Z | OWNER | Other options:
These feel inconsistent because they don't use the I like that last one. |
{ "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
Default API token authentication mechanism 1421552095 | |
1291281243 | https://github.com/simonw/datasette/issues/1852#issuecomment-1291281243 | https://api.github.com/repos/simonw/datasette/issues/1852 | IC_kwDOBm6k_c5M92Nb | simonw 9599 | 2022-10-26T00:32:21Z | 2022-10-26T00:32:21Z | OWNER | Rather than duplicating the entire actor into the "a" field, maybe just copy the actor ID? Would need to restrict token creation to just actors with an ID set. |
{ "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
Default API token authentication mechanism 1421552095 | |
1291277913 | https://github.com/simonw/datasette/issues/1852#issuecomment-1291277913 | https://api.github.com/repos/simonw/datasette/issues/1852 | IC_kwDOBm6k_c5M91ZZ | ocdtrekkie 4399499 | 2022-10-26T00:26:11Z | 2022-10-26T00:26:11Z | NONE |
This is what we do for Sandstorm essentially and I fully agree it's the right way to do API tokens in multiuser systems. Constraints will definitely be important though. I know I want a token to submit error reports programmatically, but I wouldn't want that token to convey my right to delete tables and records, Little Bobby Tables is out there somewhere, and he's all grown up now. |
{ "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
Default API token authentication mechanism 1421552095 | |
1291274835 | https://github.com/simonw/datasette/issues/1852#issuecomment-1291274835 | https://api.github.com/repos/simonw/datasette/issues/1852 | IC_kwDOBm6k_c5M90pT | simonw 9599 | 2022-10-26T00:20:48Z | 2022-10-26T00:22:26Z | OWNER | Tests failed because I added a view without also adding documentation! I forgot that the deploy still goes out for branches other than |
{ "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
Default API token authentication mechanism 1421552095 | |
1291273609 | https://github.com/simonw/datasette/issues/1852#issuecomment-1291273609 | https://api.github.com/repos/simonw/datasette/issues/1852 | IC_kwDOBm6k_c5M90WJ | simonw 9599 | 2022-10-26T00:18:40Z | 2022-10-26T00:18:40Z | OWNER | Another thought about tokens that can act on behalf of the user. Imagine a user has permission to access a table. They create a token that can create that table... but then their permission is revoked. It would be bad if they could still use that token they created earlier to access that table! On that basis, I think the model described above where tokens mainly work to provide an "act on behalf of this actor" - but with optional additional constraints - is a good one. |
{ "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
Default API token authentication mechanism 1421552095 | |
1291272612 | https://github.com/simonw/datasette/issues/1852#issuecomment-1291272612 | https://api.github.com/repos/simonw/datasette/issues/1852 | IC_kwDOBm6k_c5M90Gk | simonw 9599 | 2022-10-26T00:16:53Z | 2022-10-26T00:16:53Z | OWNER | Next step: make these tokens actually do something. |
{ "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
Default API token authentication mechanism 1421552095 | |
1291272414 | https://github.com/simonw/datasette/issues/1852#issuecomment-1291272414 | https://api.github.com/repos/simonw/datasette/issues/1852 | IC_kwDOBm6k_c5M90De | simonw 9599 | 2022-10-26T00:16:28Z | 2022-10-26T00:16:28Z | OWNER | If I'm going to change the naming conventions for settings I should do it before Datasette 1.0. |
{ "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
Default API token authentication mechanism 1421552095 | |
1291271580 | https://github.com/simonw/datasette/issues/1852#issuecomment-1291271580 | https://api.github.com/repos/simonw/datasette/issues/1852 | IC_kwDOBm6k_c5M9z2c | simonw 9599 | 2022-10-26T00:14:49Z | 2022-10-26T00:15:06Z | OWNER | If I'm going to have a setting to disable this feature I need to decide what it will be called. Closest existing setting is this one, since it's for a feature that is turned on by default:
So maybe this?
I like
|
{ "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
Default API token authentication mechanism 1421552095 | |
1291270227 | https://github.com/simonw/datasette/issues/1852#issuecomment-1291270227 | https://api.github.com/repos/simonw/datasette/issues/1852 | IC_kwDOBm6k_c5M9zhT | simonw 9599 | 2022-10-26T00:12:18Z | 2022-10-26T00:12:18Z | OWNER | Demo is now live at https://latest-1-0-dev.datasette.io/-/create-token - visit https://latest-1-0-dev.datasette.io/login-as-root first to sign in. |
{ "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
Default API token authentication mechanism 1421552095 | |
1291269607 | https://github.com/simonw/datasette/issues/1852#issuecomment-1291269607 | https://api.github.com/repos/simonw/datasette/issues/1852 | IC_kwDOBm6k_c5M9zXn | simonw 9599 | 2022-10-26T00:11:15Z | 2022-10-26T00:11:15Z | OWNER | If you click "Create token" for "Token never expires" multiple times you currently get exactly the same token each time, since it's just a signed token containing a copy of your actor dictionary. I'm not sure if I like that. I could give each token a random ID (maybe using |
{ "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
Default API token authentication mechanism 1421552095 | |
1291268380 | https://github.com/simonw/datasette/issues/1852#issuecomment-1291268380 | https://api.github.com/repos/simonw/datasette/issues/1852 | IC_kwDOBm6k_c5M9zEc | simonw 9599 | 2022-10-26T00:09:06Z | 2022-10-26T00:09:06Z | OWNER | Demo: |
{ "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
Default API token authentication mechanism 1421552095 |
Advanced export
JSON shape: default, array, newline-delimited, object
CREATE TABLE [issue_comments] ( [html_url] TEXT, [issue_url] TEXT, [id] INTEGER PRIMARY KEY, [node_id] TEXT, [user] INTEGER REFERENCES [users]([id]), [created_at] TEXT, [updated_at] TEXT, [author_association] TEXT, [body] TEXT, [reactions] TEXT, [issue] INTEGER REFERENCES [issues]([id]) , [performed_via_github_app] TEXT); CREATE INDEX [idx_issue_comments_issue] ON [issue_comments] ([issue]); CREATE INDEX [idx_issue_comments_user] ON [issue_comments] ([user]);
issue 12