Make ALLOW_TOKEN_RETRIEVAL = False the default

Fixes #18751
This commit is contained in:
Christoph Petrausch 2025-02-27 09:46:06 +01:00
parent 7aba6500dd
commit 58d9659835
2 changed files with 2 additions and 2 deletions

View File

@ -2,7 +2,7 @@
## ALLOW_TOKEN_RETRIEVAL
Default: True
Default: False
If disabled, the values of API tokens will not be displayed after each token's initial creation. A user **must** record the value of a token prior to its creation, or it will be lost. Note that this affects _all_ users, regardless of assigned permissions.

View File

@ -56,7 +56,7 @@ for parameter in ('ALLOWED_HOSTS', 'DATABASE', 'SECRET_KEY', 'REDIS'):
# Set static config parameters
ADMINS = getattr(configuration, 'ADMINS', [])
ALLOW_TOKEN_RETRIEVAL = getattr(configuration, 'ALLOW_TOKEN_RETRIEVAL', True)
ALLOW_TOKEN_RETRIEVAL = getattr(configuration, 'ALLOW_TOKEN_RETRIEVAL', False)
ALLOWED_HOSTS = getattr(configuration, 'ALLOWED_HOSTS') # Required
AUTH_PASSWORD_VALIDATORS = getattr(configuration, 'AUTH_PASSWORD_VALIDATORS', [
{