search

dacharyc / prfocus-website

Website and documentation for the PR Focus macOS app
https://prfocus.app
5 stars 1 forks source link

[Bug] App - errors if API token has no expiration date #24

Closed masukomi closed 4 months ago

masukomi commented 7 months ago

Describe the bug Can't add repos with non-expiring token

see logs in screenshot

To Reproduce make a classic token with no expiration and try to use it.

Expected behavior it should work.

Actual Behavior it doesn't work because of an error validating the expiration date.

Screenshots CleanShot 2024-03-17 at 17 09 19@2x

dacharyc commented 7 months ago

Thanks for reporting this! I added a lot of additional validation around API key expiry and totally missed handling the case where people create a token with no expiration date.

I'm trying to decide if this is something I want to support. I don't want PR Focus to become a security risk because people are using it with tokens that never expire. I could definitely surface a more meaningful error message, though. I'll have a think about the best way to handle this.

In the meantime, please create a token with an expiration date and that should resolve this issue.

Sorry for the inconvenience!

dacharyc commented 4 months ago

I've decided to disallow API access tokens with no expiration date. In version 0.7, I've added better error handling around this, so you can now no longer provide an API access token with no expiration date.

Thanks for bringing this to my attention!

masukomi commented 4 months ago

Woot!