Allow access token to be added to settings.php

Created on 22 June 2021, over 3 years ago
Updated 23 February 2024, 10 months ago

Problem/Motivation

Currently the access token is stored in configuration which allows for und users to easily add the access token through the UI.
However, if the site build is using Configuration Sync and a git repository then the the access token may be leaked if accidentally stored in a public repo, and may companies have policies that prevent you from committing in any tokens.

Allowing developers to add the access token to the settings.php file allows for it to be stored outside of config and allows developers to implement other strategies sigh as using the .env file.

Proposed resolution

I have attached a patch that updates the Formstack class and Config form to obtain the access token from the settings.php file initially or from config as a backup.
There are also tests to prove that it works.

Feature request
Status

Fixed

Version

3.0

Component

Code

Created by

🇬🇧United Kingdom james hawthorn-byng

Live updates comments and jobs are added and updated live.
Sign in to follow issues

Comments & Activities

Not all content is available!

It's likely this issue predates Contrib.social: some issue and comment data are missing.

Production build 0.71.5 2024