1491: Add api token feature

[ztefanie]

Short description

Add possibility to add and delete tokens and to view metadata of the tokens. Tests will be done in #1618

Proposed changes

• Added new database table for tokens
• added three graphql endpoints
• added api token section in administration settings for koblenz and project admins

Testing

login as a koblenz project admin. go to settings, create and delete tokens.

Resolved issues

Fixes: #1491

[f1sh1918]

Just tested the implementation and it works fine 👍
Before reviewing it i want to discuss some general things (we also might improve in the future):

1. It might make sense to add a token name like in git so you can distinguish between the tokens.
2. Then we could display this instead "Email des Erstellers" because its always the same and doesn't bring any value to show it.
3. I think an creation date would be good and also display sth like "Added on
4. Before deleting the token i would expect an Alert like "Do you really want to delete this". We already have a component for that can be easily used.
5. A copy paste field where the generated token is displayed and can be copied via one click on it without missing sth by selecting.

And could you please resolve the migration conflicts :)

[ztefanie]

Just tested the implementation and it works fine 👍 Before reviewing it i want to discuss some general things (we also might improve in the future):

1. It might make sense to add a token name like in git so you can distinguish between the tokens.
2. Then we could display this instead "Email des Erstellers" because its always the same and doesn't bring any value to show it.
3. I think an creation date would be good and also display sth like "Added on
4. Before deleting the token i would expect an Alert like "Do you really want to delete this". We already have a component for that can be easily used.
5. A copy paste field where the generated token is displayed and can be copied via one click on it without missing sth by selecting.

And could you please resolve the migration conflicts :)

Yes these are all valid improvments, but I though we somehow agreed an a minimum usable feature and not a very good one, as it will only be used by very few people very rarly. So i think the solution I suggested is good enough and a lot more is not covered by our offer.

[f1sh1918]

Just tested the implementation and it works fine 👍 Before reviewing it i want to discuss some general things (we also might improve in the future):

1. It might make sense to add a token name like in git so you can distinguish between the tokens.
2. Then we could display this instead "Email des Erstellers" because its always the same and doesn't bring any value to show it.
3. I think an creation date would be good and also display sth like "Added on
4. Before deleting the token i would expect an Alert like "Do you really want to delete this". We already have a component for that can be easily used.
5. A copy paste field where the generated token is displayed and can be copied via one click on it without missing sth by selecting.

And could you please resolve the migration conflicts :)

Yes these are all valid improvments, but I though we somehow agreed an a minimum usable feature and not a very good one, as it will only be used by very few people very rarly. So i think the solution I suggested is good enough and a lot more is not covered by our offer.

ok then just two small things.
The colors of the font and background of the token are in a really bad contrast. I suggest just use to use some border. And lets keep the token and the label New Token separate so copying is easier. Thats no big issue to adjust

My color suggestion for a good contrast:

Ah and according to 2) i didn't realized that they are project not user based so thats fine

[f1sh1918]

Good work! 👍
Tested and works fine
Added some comments but nothing crucial

[seluianova]

Looks good to me in general! Added a few suggestions.

Also, I agree with Andy regarding the confirmation dialog before deletion and I think it might be important if Koblenz stores a token in some app config for example. Then if they accidentally delete it, they might have to redeploy their app.
Not sure if it's a plausible case though.
What do you think?

[seluianova]

Thanks! Looks nice to me

[f1sh1918]

Works great! Nice 👍
Just some small things