Paul Fitzpatrick dd8d2e18f5 (core) add an access token mechanism to help with attachments in custom widgets ... Summary: With this, a custom widget can render an attachment by doing: ``` const tokenInfo = await grist.docApi.getAccessToken({readOnly: true}); const img = document.getElementById('the_image'); const id = record.C[0]; // get an id of an attachment const src = `${tokenInfo.baseUrl}/attachments/${id}/download?auth=${tokenInfo.token}`; img.setAttribute('src', src) ``` The access token expires after a few mins, so if a user right-clicks on an image to save it, they may get access denied unless they refresh the page. A little awkward, but s3 pre-authorized links behave similarly and it generally isn't a deal-breaker. Test Plan: added tests Reviewers: dsagal Reviewed By: dsagal Subscribers: dsagal Differential Revision: https://phab.getgrist.com/D3488		2022-07-19 11:55:18 -04:00
..
declarations	(core) disentangle some server tests, release to core, add GRIST_PROXY_AUTH_HEADER test	2022-03-24 15:11:32 -04:00
lib	(core) add an access token mechanism to help with attachments in custom widgets	2022-07-19 11:55:18 -04:00
utils	(core) add a yarn run cli tool, and add a sqlite gristify option	2022-07-14 12:00:30 -04:00
companion.ts	(core) add a yarn run cli tool, and add a sqlite gristify option	2022-07-14 12:00:30 -04:00
declarations.d.ts	(core) Faster builds all around.	2022-07-04 10:42:40 -04:00
devServerMain.ts	(core) Faster builds all around.	2022-07-04 10:42:40 -04:00
generateCheckpoint.ts	(core) get all tests working under python3/gvisor	2021-10-18 17:44:15 -04:00
generateInitialDocSql.ts	(core) get all tests working under python3/gvisor	2021-10-18 17:44:15 -04:00
mergedServerMain.ts	(core) Faster builds all around.	2022-07-04 10:42:40 -04:00
tsconfig.json	(core) Simple localization support and currency selector.	2021-08-26 13:36:49 -07:00