Paul Fitzpatrick dd8d2e18f5 (core) add an access token mechanism to help with attachments in custom widgets ... Summary: With this, a custom widget can render an attachment by doing: ``` const tokenInfo = await grist.docApi.getAccessToken({readOnly: true}); const img = document.getElementById('the_image'); const id = record.C[0]; // get an id of an attachment const src = `${tokenInfo.baseUrl}/attachments/${id}/download?auth=${tokenInfo.token}`; img.setAttribute('src', src) ``` The access token expires after a few mins, so if a user right-clicks on an image to save it, they may get access denied unless they refresh the page. A little awkward, but s3 pre-authorized links behave similarly and it generally isn't a deal-breaker. Test Plan: added tests Reviewers: dsagal Reviewed By: dsagal Subscribers: dsagal Differential Revision: https://phab.getgrist.com/D3488		2022-07-19 11:55:18 -04:00
..
client	(core) add an access token mechanism to help with attachments in custom widgets	2022-07-19 11:55:18 -04:00
common	(core) add an access token mechanism to help with attachments in custom widgets	2022-07-19 11:55:18 -04:00
gen-server	(core) add an access token mechanism to help with attachments in custom widgets	2022-07-19 11:55:18 -04:00
plugin	(core) add an access token mechanism to help with attachments in custom widgets	2022-07-19 11:55:18 -04:00
server	(core) add an access token mechanism to help with attachments in custom widgets	2022-07-19 11:55:18 -04:00
tsconfig.json	(core) move home server into core	2020-07-21 20:39:10 -04:00