[PR #279] [MERGED] Improve security of access tokens #973

New Issue

OVERLORD · 2026-02-04T21:41:38+03:00

OVERLORD commented

2026-02-04 21:41:38 +03:00

📋 Pull Request Information

Original PR: https://github.com/plankanban/planka/pull/279
Author: @SimonTagne
Created: 8/8/2022
Status: ✅ Merged
Merged: 8/9/2022
Merged by: @meltyshev

Base: master ← Head: 275

📝 Commits (4)

e9a65bb fix: Add Secure and SameSite to authentication token
266a762 fix: Invalidate access tokens on password change
220cb14 feat: Add expiration to access tokens
891b7ce ref: Add log out event, refactoring

📊 Changes

40 files changed (+273 additions, -133 deletions)

View changed files

📝 client/package-lock.json (+11 -0)
📝 client/package.json (+1 -0)
📝 client/src/api/access-tokens.js (+1 -1)
📝 client/src/api/activities.js (+2 -2)
📝 client/src/api/attachments.js (+6 -6)
📝 client/src/api/board-memberships.js (+4 -3)
📝 client/src/api/boards.js (+6 -5)
📝 client/src/api/card-labels.js (+4 -2)
📝 client/src/api/card-memberships.js (+4 -3)
📝 client/src/api/cards.js (+10 -10)
📝 client/src/api/comment-activities.js (+6 -6)
📝 client/src/api/http.js (+2 -2)
📝 client/src/api/labels.js (+4 -3)
📝 client/src/api/lists.js (+4 -3)
📝 client/src/api/notifications.js (+6 -6)
📝 client/src/api/project-managers.js (+4 -3)
📝 client/src/api/projects.js (+7 -7)
📝 client/src/api/socket.js (+2 -1)
📝 client/src/api/tasks.js (+3 -3)
📝 client/src/api/users.js (+12 -10)

...and 20 more files

📄 Description

Fix #275

cf. the discussion in the issue above

_{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

## 📋 Pull Request Information **Original PR:** https://github.com/plankanban/planka/pull/279 **Author:** [@SimonTagne](https://github.com/SimonTagne) **Created:** 8/8/2022 **Status:** ✅ Merged **Merged:** 8/9/2022 **Merged by:** [@meltyshev](https://github.com/meltyshev) **Base:** `master` ← **Head:** `275` --- ### 📝 Commits (4) - [`e9a65bb`](https://github.com/plankanban/planka/commit/e9a65bb6419efc90b7be493c975858120b721779) fix: Add Secure and SameSite to authentication token - [`266a762`](https://github.com/plankanban/planka/commit/266a7626417acdcdef77b6e9382a4344a73e6a3f) fix: Invalidate access tokens on password change - [`220cb14`](https://github.com/plankanban/planka/commit/220cb1427b4c55886e73401f80d5df7db2266124) feat: Add expiration to access tokens - [`891b7ce`](https://github.com/plankanban/planka/commit/891b7ce90a255e0fea832102f4cdec69cf6ea82e) ref: Add log out event, refactoring ### 📊 Changes **40 files changed** (+273 additions, -133 deletions) <details> <summary>View changed files</summary> 📝 `client/package-lock.json` (+11 -0) 📝 `client/package.json` (+1 -0) 📝 `client/src/api/access-tokens.js` (+1 -1) 📝 `client/src/api/activities.js` (+2 -2) 📝 `client/src/api/attachments.js` (+6 -6) 📝 `client/src/api/board-memberships.js` (+4 -3) 📝 `client/src/api/boards.js` (+6 -5) 📝 `client/src/api/card-labels.js` (+4 -2) 📝 `client/src/api/card-memberships.js` (+4 -3) 📝 `client/src/api/cards.js` (+10 -10) 📝 `client/src/api/comment-activities.js` (+6 -6) 📝 `client/src/api/http.js` (+2 -2) 📝 `client/src/api/labels.js` (+4 -3) 📝 `client/src/api/lists.js` (+4 -3) 📝 `client/src/api/notifications.js` (+6 -6) 📝 `client/src/api/project-managers.js` (+4 -3) 📝 `client/src/api/projects.js` (+7 -7) 📝 `client/src/api/socket.js` (+2 -1) 📝 `client/src/api/tasks.js` (+3 -3) 📝 `client/src/api/users.js` (+12 -10) _...and 20 more files_ </details> ### 📄 Description Fix #275 cf. the discussion in the issue above --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>

OVERLORD added the pull-request label 2026-02-04 21:41:38 +03:00

OVERLORD closed this issue

2026-02-04 21:41:39 +03:00

Sign in to join this conversation.

1 Participants

Notifications

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: starred/planka#973