NeoAnd/netbox
1
0
Fork 0
mirror of https://github.com/netbox-community/netbox.git synced 2026-01-18 17:52:21 -06:00
Code Issues Actions 5 Packages Projects Releases Wiki Activity

Closes #20834: Add support for enabling/disabling Tokens (#20864)
Some checks failed
CI / build (20.x, 3.12) (push) Has been cancelled
Details
CI / build (20.x, 3.13) (push) Has been cancelled
Details
CodeQL / Analyze (${{ matrix.language }}) (none, actions) (push) Has been cancelled
Details
CodeQL / Analyze (${{ matrix.language }}) (none, javascript-typescript) (push) Has been cancelled
Details
CodeQL / Analyze (${{ matrix.language }}) (none, python) (push) Has been cancelled
Details

Browse Source 
* feat(users): Add support for enabling/disabling Tokens

Introduce an `enabled` flag on the `Token` model to allow temporarily
revoking API tokens without deleting them. Update forms, serializers,
and views to expose the new field.
Enforce the `enabled` flag in token authentication.
Add model, API, and authentication tests for the new behavior.

Fixes #20834

* Fix authentication test

---------

Co-authored-by: Jeremy Stretch <jstretch@netboxlabs.com>
This commit is contained in:
Martin Hauser
2025-11-26 23:15:14 +01:00
committed by GitHub
parent b5edfa5d53
commit 513b11450d
16 changed files with 143 additions and 29 deletions
Download Patch File Download Diff File Expand all files Collapse all files

27
netbox/users/models/tokens.py
View File

@@ -61,6 +61,11 @@ class Token(models.Model):
blank=True,
null=True
)
enabled = models.BooleanField(
verbose_name=_('enabled'),
default=True,
help_text=_('Disable to temporarily revoke this token without deleting it.'),
)
write_enabled = models.BooleanField(
verbose_name=_('write enabled'),
default=True,
@@ -180,6 +185,22 @@ class Token(models.Model):
self.key = self.key or self.generate_key()
self.update_digest()
@property
def is_expired(self):
"""
Check whether the token has expired.
"""
if self.expires is None or timezone.now() < self.expires:
return False
return True
@property
def is_active(self):
"""
Check whether the token is active (enabled and not expired).
"""
return self.enabled and not self.is_expired
def clean(self):
super().clean()
@@ -236,12 +257,6 @@ class Token(models.Model):
hashlib.sha256
).hexdigest()
@property
def is_expired(self):
if self.expires is None or timezone.now() < self.expires:
return False
return True
def validate(self, token):
"""
Validate the given plaintext against the token.