View Source Plausible.Plugins.API.Token (Plausible v0.0.1)

Ecto schema for Plugins API Tokens. Tokens are stored hashed and require a description.

Tokens are considered secret, although the Plugins API by nature will expose very little, if any, destructive/insecure operations.

The raw token version is meant to be presented to the user upon creation. It is prefixed with a plain text identifier allowing source scanning for leaked secrets.

Summary

Types

t()

Functions

generate(random_bytes \\ random_bytes())
hash(raw)
insert_changeset(site, map, attrs \\ %{})
last_used_humanize(token)
prefix()

Raw tokens are prefixed so that tools like https://docs.github.com/en/code-security/secret-scanning/about-secret-scanning can scan repositories for accidental secret commits.

Types

Link to this type

t()

View Source 
@type t() :: %Plausible.Plugins.API.Token{
  __meta__: term(),
  description: term(),
  hint: term(),
  id: term(),
  inserted_at: term(),
  last_used_at: term(),
  site: term(),
  site_id: term(),
  token_hash: term(),
  updated_at: term()
}

Functions

Link to this function

generate(random_bytes \\ random_bytes())

View Source 
@spec generate(String.t()) :: map()
Link to this function

hash(raw)

View Source 
@spec hash(String.t()) :: binary()
Link to this function

insert_changeset(site, map, attrs \\ %{})

View Source 
@spec insert_changeset(Plausible.Site.t(), map(), map()) :: Ecto.Changeset.t()
Link to this function

last_used_humanize(token)

View Source 
@spec last_used_humanize(t()) :: String.t()
Link to this function

prefix()

View Source

Raw tokens are prefixed so that tools like https://docs.github.com/en/code-security/secret-scanning/about-secret-scanning can scan repositories for accidental secret commits.