Archives/gristlabs_grist-core
1
0
Fork 0
mirror of https://github.com/gristlabs/grist-core.git synced 2026-03-02 04:09:24 +00:00
Code Issues Projects Releases Wiki Activity

use boot-key query parameter, tighten url match, put randomness in suggestions

Browse Source
This commit is contained in:
Paul Fitzpatrick
2024-05-23 14:59:58 -04:00
parent 07b80b1110
commit 7383b3f8f6
5 changed files with 12 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
app/client/ui/AdminPanel.ts
View File

@@ -98,14 +98,15 @@ export class AdminPanel extends Disposable {
* which could include a legit adminstrator if auth is misconfigured.
*/
private _buildMainContentForOthers(owner: MultiHolder) {
const exampleKey = 'example-' + window.crypto.randomUUID();
return dom.create(AdminSection, t('Administrator Panel Unavailable'), [
dom('p', t(`You do not have access to the administrator panel.
Please log in as an administrator.`)),
dom(
'p',
t(`Or, as a fallback, you can set: {{bootKey}} in the environment and visit: {{url}}`, {
bootKey: dom('pre', 'GRIST_BOOT_KEY=secret'),
url: dom('pre', `/admin?key=secret`)
bootKey: dom('pre', `GRIST_BOOT_KEY=${exampleKey}`),
url: dom('pre', `/admin?boot-key=${exampleKey}`)
}),
),
]);