opensource/dify
2
0
Fork 0
mirror of https://github.com/langgenius/dify.git synced 2026-06-27 07:31:09 +08:00
Code Issues Packages Projects Releases Wiki Activity
a79bc7d074
dify/web/app/components/develop
History
yungle246 a79bc7d074 feat(api): mask secret tokens in api-key list responses (reveal-once) 
Previously the console api-key list returned every key's full plaintext
token, so anyone with console access could retrieve the secret of an
already-created key (via the copy button or the raw API response). This
is contrary to the reveal-once norm.

- List endpoints (app keys, workspace dataset keys, per-dataset keys) now
  return a masked token (prefix + last 4); the full secret is only ever
  returned by the create endpoint, at creation time.
- Frontend secret-key modal displays the masked token as-is and drops the
  copy affordance for existing keys (copying a masked value is pointless).

Applies to both app and dataset keys since they share the modal and the
ApiKeyItem response model.
2026-06-25 14:21:38 +09:00
..
__tests__ feat: RBAC (#37107) 2026-06-18 16:35:29 +00:00
hooks chore: enable noUncheckedIndexedAccess (#35178) 2026-04-16 13:01:35 +00:00
secret-key feat(api): mask secret tokens in api-key list responses (reveal-once) 2026-06-25 14:21:38 +09:00
template feat: support custom trace session id for Phoenix tracing (#37056) 2026-06-04 08:42:03 +00:00
ApiServer.tsx feat: RBAC (#37107) 2026-06-18 16:35:29 +00:00
code.tsx refactor(web): replace useContext with use() in remaining components (#25193) (#37254) 2026-06-10 06:52:41 +00:00
doc.tsx feat(ui): scaffold @langgenius/dify-ui and migrate design tokens (#35256) 2026-04-15 13:11:20 +00:00
index.tsx feat: RBAC (#37107) 2026-06-18 16:35:29 +00:00
md.tsx refactor: migrate to tailwind v4 style (#36417) 2026-05-20 03:39:44 +00:00
tag.tsx refactor: migrate to tailwind v4 style (#36417) 2026-05-20 03:39:44 +00:00
toc-panel.tsx refactor: migrate to tailwind v4 style (#36417) 2026-05-20 03:39:44 +00:00