datasette-auth-tokens

• Fixed a bug where the heading "Specific tables in specific databases" showed even for databases with no tables. #32

• Fix for intermittent database is locked bug in managed tokens mode. #30

• New auth-tokens-create permission governing whether users are allowed to create tokens. #24
• New auth-tokens-view-all permission, granting users the ability to view tokens that they did not themselves create. #19
• auth-tokens-revoke-any renamed to auth-tokens-review-all. #29

• Fix for 500 bug if actors were not correctly returned. #23

• Actors on the token listing page are now displayed using the actors_from_ids mechanism, if available. #22

Improvements to the create token page for managed token mode. #21

• Don't show permissions-debug and debug-menu, since they don't make sense for API tokens to use.
• Include short descriptions of each permission.

• Token permissions are now displayed in a more human-readable way. #9
• New /-/api/tokens interface for viewing and revoking managed tokens. #15
• Only the creator of a token or a user with the new auth-tokens-revoke-any permission can revoke a token. #16
• Tokens now record when they expired or were revoked in the new ended_timestamp column. #17
• Now defaults to storing tokens in the new internal database from Datasette 1.0a5. #18

• Fix bug where an invalid signature on an incoming dstok_ token caused a 500 error. #14

• Multiple database support for managed tokens mode: use the new manage_tokens_database setting to specify which database should hold the authentication tokens. #11
• Cosmetic improvements to the display of the token creation page. #12, #13

• Alpha release, with first preview of the new manage tokens mode. This provides a table for database-backed API tokens and an interface for creating and revoking them. #7

• New param plugin configuration option for specifying a query string parameter that can be used instead of the Authorization: Bearer header - thanks, Jannis Leidel. (#5)

• Minor documentation fixes

• Documentation on how to secure tokens. #3

• New SQL configuration mode. You can now configure this plugin to look up incoming API tokens in a database table. #1

• Removed rogue print statements.

Now depends on Datasette 0.44.

First working version.