0001-track-api-key-last-used-on.patch - Redmine

         token
       end
       def self.touch_api_token(key)
         where(action: 'api', value: key)
           .where("last_used_on IS NULL OR last_used_on <= ?", 1.minute.ago)
           .update_all(last_used_on: Time.now.utc)
       end
       def self.generate_token_value
         Redmine::Utils.random_hex(20)
       end

       end
       def self.find_by_api_key(key)
         Token.find_active_user('api', key)
         user = Token.find_active_user('api', key)
         Token.touch_api_token(key) if user
         user
       end
       # Makes find_by_mail case-insensitive

       <%= javascript_tag("$('#api-access-key').hide();") %>
       <p>
       <% if @user.api_token %>
       <%= l(:label_api_access_key_created_on, distance_of_time_in_words(Time.now, @user.api_token.created_on)) %>
         <%= l(:label_api_access_key_created_on, distance_of_time_in_words(Time.now, @user.api_token.created_on)) %><br />
         <% if @user.api_token.last_used_on %>
           <%= l(:label_api_access_key_last_used_on, distance_of_time_in_words(Time.now, @user.api_token.last_used_on)) %>
         <% else %>
           <%= l(:label_api_access_key_never_used) %>
         <% end %>
       <% else %>
       <%= l(:label_missing_api_access_key) %>
         <%= l(:label_missing_api_access_key) %>
       <% end %>
       (<%= link_to l(:button_reset), my_api_key_path, :method => :post %>)
       </p>

       label_any_issues_not_in_project: irgendein Ticket nicht im Projekt
       label_api_access_key: API-Zugriffsschlüssel
       label_api_access_key_created_on: Der API-Zugriffsschlüssel wurde vor %{value} erstellt
       label_api_access_key_last_used_on: "Zuletzt verwendet: vor %{value}"
       label_api_access_key_never_used: Nie verwendet
       label_applied_status: Zugewiesener Status
       label_ascending: Aufsteigend
       label_ask: Nachfragen

       label_api_access_key: API access key
       label_missing_api_access_key: Missing an API access key
       label_api_access_key_created_on: "API access key created %{value} ago"
       label_api_access_key_last_used_on: "Last used: %{value} ago"
       label_api_access_key_never_used: Never used
       label_profile: Profile
       label_subtask: Subtask
       label_subtask_plural: Subtasks

       label_api_access_key: Clé d'accès API
       label_missing_api_access_key: Clé d'accès API manquante
       label_api_access_key_created_on: Clé d'accès API créée il y a %{value}
       label_api_access_key_last_used_on: "Dernier usage : il y a %{value}"
       label_api_access_key_never_used: Jamais utilisée
       label_profile: Profil
       label_subtask_plural: Sous-tâches
       label_project_copy_notifications: Envoyer les notifications durant la copie du projet

       label_api_access_key: APIアクセスキー
       label_missing_api_access_key: APIアクセスキーが見つかりません
       label_api_access_key_created_on: "APIアクセスキーは%{value}前に作成されました"
       label_api_access_key_last_used_on: "最終使用：%{value}前"
       label_api_access_key_never_used: 未使用
       label_subtask_plural: 子チケット
       label_project_copy_notifications: コピーしたチケットのメール通知を送信する
       label_principal_search: "ユーザーまたはグループの検索:"

         assert_response :success
         assert_select 'h2', :text => "#{user.initials} #{user.name}"
       end
       def test_api_key_usage_via_header_should_update_last_used_on
         user = User.generate!
         token = Token.create!(:user => user, :action => 'api')
         assert_nil token.last_used_on
         get '/users/current.xml', :headers => {'X-Redmine-API-Key' => token.value}
         assert_response :ok
         assert_not_nil token.reload.last_used_on
       end
       def test_api_key_usage_via_parameter_should_update_last_used_on
         user = User.generate!
         token = Token.create!(:user => user, :action => 'api')
         assert_nil token.last_used_on
         get "/users/current.xml?key=#{token.value}"
         assert_response :ok
         assert_not_nil token.reload.last_used_on
       end
       def test_api_key_usage_via_basic_auth_should_update_last_used_on
         user = User.generate!
         token = Token.create!(:user => user, :action => 'api')
         assert_nil token.last_used_on
         get '/users/current.xml', :headers => credentials(token.value, 'X')
         assert_response :ok
         assert_not_nil token.reload.last_used_on
       end
       def test_failed_api_auth_should_not_update_last_used_on
         user = User.generate!
         token = Token.create!(:user => user, :action => 'api')
         get '/users/current.xml', :headers => {'X-Redmine-API-Key' => 'wrong_key'}
         assert_response :unauthorized
         assert_nil token.reload.last_used_on
       end
     end

         token = Token.create!(:user_id => 999, :action => 'api', :created_on => 2.days.ago)
         assert_nil Token.find_token('api', token.value, 1)
       end
       def test_touch_api_token_should_update_last_used_on_when_never_used
         token = Token.create!(:user_id => 1, :action => 'api')
         assert_nil token.last_used_on
         Token.touch_api_token(token.value)
         assert_not_nil token.reload.last_used_on
       end
       def test_touch_api_token_should_update_last_used_on_when_older_than_one_minute
         token = Token.create!(:user_id => 1, :action => 'api', :last_used_on => 2.minutes.ago)
         last_used = token.last_used_on
         Token.touch_api_token(token.value)
         assert token.reload.last_used_on > last_used
       end
       def test_touch_api_token_should_not_update_last_used_on_within_one_minute
         token = Token.create!(:user_id => 1, :action => 'api', :last_used_on => 1.second.ago)
         last_used = token.reload.last_used_on
         Token.touch_api_token(token.value)
         assert_equal last_used.to_i, token.reload.last_used_on.to_i
       end
       def test_touch_api_token_should_not_affect_other_action_tokens
         token = Token.create!(:user_id => 1, :action => 'feeds')
         Token.touch_api_token(token.value)
         assert_nil token.reload.last_used_on
       end
     end

db/migrate/20260409000000_add_last_used_on_to_tokens.rb
	1	# frozen_string_literal: true
	2
	3	class AddLastUsedOnToTokens < ActiveRecord::Migration[8.1]
	4	def change
	5	add_column :tokens, :last_used_on, :datetime
	6	end
	7	end

Project

General

Profile

Redmine

Feature #43938 » 0001-track-api-key-last-used-on.patch