issue_comments

Table actions

11 rows where issue = 628025100 sorted by updated_at descending

View and edit SQL

This data as json, CSV (advanced)

Suggested facets: created_at (date), updated_at (date)

user 1

issue 1

  • Datasette secret mechanism - initially for signed cookies · 11

author_association 1

id html_url issue_url node_id user created_at updated_at ▲ author_association body reactions issue performed_via_github_app
636553736 https://github.com/simonw/datasette/issues/785#issuecomment-636553736 https://api.github.com/repos/simonw/datasette/issues/785 MDEyOklzc3VlQ29tbWVudDYzNjU1MzczNg== simonw 9599 2020-06-01T00:18:40Z 2020-06-01T00:18:40Z OWNER 
{
    "total_count": 0,
    "+1": 0,
    "-1": 0,
    "laugh": 0,
    "hooray": 0,
    "confused": 0,
    "heart": 0,
    "rocket": 0,
    "eyes": 0
}
 Datasette secret mechanism - initially for signed cookies 628025100  
636541827 https://github.com/simonw/datasette/issues/785#issuecomment-636541827 https://api.github.com/repos/simonw/datasette/issues/785 MDEyOklzc3VlQ29tbWVudDYzNjU0MTgyNw== simonw 9599 2020-05-31T22:46:34Z 2020-06-01T00:17:35Z OWNER

This is nearly ready to close. I'm going to add documentation for --secret and the DATASETTE_SECRET environment variable.

 
{
    "total_count": 0,
    "+1": 0,
    "-1": 0,
    "laugh": 0,
    "hooray": 0,
    "confused": 0,
    "heart": 0,
    "rocket": 0,
    "eyes": 0
}
 Datasette secret mechanism - initially for signed cookies 628025100  
636541929 https://github.com/simonw/datasette/issues/785#issuecomment-636541929 https://api.github.com/repos/simonw/datasette/issues/785 MDEyOklzc3VlQ29tbWVudDYzNjU0MTkyOQ== simonw 9599 2020-05-31T22:47:17Z 2020-05-31T22:47:17Z OWNER

I'll add a section about secrets to this page: https://datasette.readthedocs.io/en/latest/config.html

 
{
    "total_count": 0,
    "+1": 0,
    "-1": 0,
    "laugh": 0,
    "hooray": 0,
    "confused": 0,
    "heart": 0,
    "rocket": 0,
    "eyes": 0
}
 Datasette secret mechanism - initially for signed cookies 628025100  
636541630 https://github.com/simonw/datasette/issues/785#issuecomment-636541630 https://api.github.com/repos/simonw/datasette/issues/785 MDEyOklzc3VlQ29tbWVudDYzNjU0MTYzMA== simonw 9599 2020-05-31T22:45:07Z 2020-05-31T22:45:07Z OWNER 
{
    "total_count": 0,
    "+1": 0,
    "-1": 0,
    "laugh": 0,
    "hooray": 0,
    "confused": 0,
    "heart": 0,
    "rocket": 0,
    "eyes": 0
}
 Datasette secret mechanism - initially for signed cookies 628025100  
636539295 https://github.com/simonw/datasette/issues/785#issuecomment-636539295 https://api.github.com/repos/simonw/datasette/issues/785 MDEyOklzc3VlQ29tbWVudDYzNjUzOTI5NQ== simonw 9599 2020-05-31T22:24:14Z 2020-05-31T22:28:27Z OWNER

I'll add two utility methods to the Datasette class:

  • datasette.sign(value, "namespace") - returns signed string
  • datasette.unsign(signed, "namespace") - returns value OR raises BadSignature
 
{
    "total_count": 0,
    "+1": 0,
    "-1": 0,
    "laugh": 0,
    "hooray": 0,
    "confused": 0,
    "heart": 0,
    "rocket": 0,
    "eyes": 0
}
 Datasette secret mechanism - initially for signed cookies 628025100  
636538298 https://github.com/simonw/datasette/issues/785#issuecomment-636538298 https://api.github.com/repos/simonw/datasette/issues/785 MDEyOklzc3VlQ29tbWVudDYzNjUzODI5OA== simonw 9599 2020-05-31T22:14:43Z 2020-05-31T22:15:01Z OWNER

... actually no I'll do it using a CLI option that can also be in an environment variable:

https://click.palletsprojects.com/en/7.x/options/#values-from-environment-variables

python @click.command() @click.option('--secret', envvar='DATASETTE_SECRET') def greet(secret): ...

 
{
    "total_count": 0,
    "+1": 0,
    "-1": 0,
    "laugh": 0,
    "hooray": 0,
    "confused": 0,
    "heart": 0,
    "rocket": 0,
    "eyes": 0
}
 Datasette secret mechanism - initially for signed cookies 628025100  
636537921 https://github.com/simonw/datasette/issues/785#issuecomment-636537921 https://api.github.com/repos/simonw/datasette/issues/785 MDEyOklzc3VlQ29tbWVudDYzNjUzNzkyMQ== simonw 9599 2020-05-31T22:11:29Z 2020-05-31T22:11:29Z OWNER

First version of cookie signing will use a secret that is either pulled from DATASETTE_SECRET environment variable or generated every time the server starts. I'll add a non-environment-variable based secret later.

 
{
    "total_count": 0,
    "+1": 0,
    "-1": 0,
    "laugh": 0,
    "hooray": 0,
    "confused": 0,
    "heart": 0,
    "rocket": 0,
    "eyes": 0
}
 Datasette secret mechanism - initially for signed cookies 628025100  
636537679 https://github.com/simonw/datasette/issues/785#issuecomment-636537679 https://api.github.com/repos/simonw/datasette/issues/785 MDEyOklzc3VlQ29tbWVudDYzNjUzNzY3OQ== simonw 9599 2020-05-31T22:09:23Z 2020-05-31T22:09:23Z OWNER

I'm going to use https://github.com/pallets/itsdangerous for this.

Annoyingly they're very close to release v2.0 which adds support for key rotation... but it's not quite out of pre-release yet. I'll go with 1.1.0 for the moment and upgrade to 2.0 as soon as that is out.

 
{
    "total_count": 0,
    "+1": 0,
    "-1": 0,
    "laugh": 0,
    "hooray": 0,
    "confused": 0,
    "heart": 0,
    "rocket": 0,
    "eyes": 0
}
 Datasette secret mechanism - initially for signed cookies 628025100  
636515763 https://github.com/simonw/datasette/issues/785#issuecomment-636515763 https://api.github.com/repos/simonw/datasette/issues/785 MDEyOklzc3VlQ29tbWVudDYzNjUxNTc2Mw== simonw 9599 2020-05-31T19:19:03Z 2020-05-31T19:19:13Z OWNER

Maybe Datasette should have a --secrets=path/to/secrets.json command-line option for storing these?

 
{
    "total_count": 0,
    "+1": 0,
    "-1": 0,
    "laugh": 0,
    "hooray": 0,
    "confused": 0,
    "heart": 0,
    "rocket": 0,
    "eyes": 0
}
 Datasette secret mechanism - initially for signed cookies 628025100  
636515671 https://github.com/simonw/datasette/issues/785#issuecomment-636515671 https://api.github.com/repos/simonw/datasette/issues/785 MDEyOklzc3VlQ29tbWVudDYzNjUxNTY3MQ== simonw 9599 2020-05-31T19:18:18Z 2020-05-31T19:18:18Z OWNER

That user_state_dir solution may have been more trouble than it was worth though - I seem to remember it causing issues on some hosting providers.

 
{
    "total_count": 0,
    "+1": 0,
    "-1": 0,
    "laugh": 0,
    "hooray": 0,
    "confused": 0,
    "heart": 0,
    "rocket": 0,
    "eyes": 0
}
 Datasette secret mechanism - initially for signed cookies 628025100  
636515599 https://github.com/simonw/datasette/issues/785#issuecomment-636515599 https://api.github.com/repos/simonw/datasette/issues/785 MDEyOklzc3VlQ29tbWVudDYzNjUxNTU5OQ== simonw 9599 2020-05-31T19:17:43Z 2020-05-31T19:17:43Z OWNER

I previously solved this for the datasette-auth-existing-cookies plugin as described in this issue: https://github.com/simonw/datasette-auth-existing-cookies/issues/1

Concrete plan: you have to pass a secret to the class constructor. The Datasette plugin (the code in __init__.py) uses the following in order of preference (first things are most preferred):

I originally planned to have separate support for an environment variable, but the existence of the secret configuration values mechanism means this is already handled.

 
{
    "total_count": 0,
    "+1": 0,
    "-1": 0,
    "laugh": 0,
    "hooray": 0,
    "confused": 0,
    "heart": 0,
    "rocket": 0,
    "eyes": 0
}
 Datasette secret mechanism - initially for signed cookies 628025100  

Advanced export

JSON shape: default, array, newline-delimited, object

CSV options: 

CREATE TABLE [issue_comments] (
   [html_url] TEXT,
   [issue_url] TEXT,
   [id] INTEGER PRIMARY KEY,
   [node_id] TEXT,
   [user] INTEGER REFERENCES [users]([id]),
   [created_at] TEXT,
   [updated_at] TEXT,
   [author_association] TEXT,
   [body] TEXT,
   [reactions] TEXT,
   [issue] INTEGER REFERENCES [issues]([id])
, [performed_via_github_app] TEXT);
CREATE INDEX [idx_issue_comments_issue]
                ON [issue_comments] ([issue]);
CREATE INDEX [idx_issue_comments_user]
                ON [issue_comments] ([user]);