feat(settings): hide API key from frontend, use status+edit instead of password field

Backend changes: - Add civitai_api_key to _NO_SYNC_KEYS, return only boolean civitai_api_key_set - Clean up known template placeholder on load to prevent false positive Frontend changes: - Replace type=password with type=text + CSS masking (-webkit-text-security) - Replace pre-filled input with status display (Configured/Not configured) - Add inline edit view with Save/Cancel buttons - Re-add eye toggle via CSS class toggle (not type switching) - Use CSS transitions for smooth status/edit view switching This prevents Chromium/Vivaldi password manager from triggering 'save password' prompts when opening the settings modal.
2026-06-19 08:52:05 -03:00 · 2026-06-19 08:05:04 +08:00
parent faf64f8986
commit b24b1a7e57
19 changed files with 274 additions and 29 deletions
--- a/py/routes/handlers/misc_handlers.py
+++ b/py/routes/handlers/misc_handlers.py
@@ -1328,6 +1328,9 @@ class SettingsHandler:
            "folder_paths",
            "libraries",
            "active_library",
+            # Sensitive — never expose the actual value to the frontend;
+            # frontend receives a boolean instead (civitai_api_key_set).
+            "civitai_api_key",
        }
    )

@@ -1382,6 +1385,9 @@ class SettingsHandler:
                    value = self._settings.get(key)
                    if value is not None:
                        response_data[key] = value
+            # Sensitive fields: only expose a boolean indicating whether set
+            raw_key = self._settings.get("civitai_api_key")
+            response_data["civitai_api_key_set"] = bool(raw_key)
            settings_file = getattr(self._settings, "settings_file", None)
            if settings_file:
                response_data["settings_file"] = settings_file
--- a/py/services/settings_manager.py
+++ b/py/services/settings_manager.py
@@ -134,6 +134,9 @@ class SettingsManager:
        self._template_path = (
            Path(__file__).resolve().parents[2] / "settings.json.example"
        )
+        # Known placeholder value in settings.json.example; any file containing
+        # this value should be treated as "not configured".
+        self._TEMPLATE_PLACEHOLDER_API_KEY = "your_civitai_api_key_here"
        self.settings = self._load_settings()
        self._migrate_setting_keys()
        self._ensure_default_settings()
@@ -165,6 +168,12 @@ class SettingsManager:
                    self._original_disk_payload = copy.deepcopy(data)
                    if self._matches_template_payload(data):
                        self._preserve_disk_template = True
+                    # Clean up the template placeholder so it is not treated
+                    # as a real key (affects both the frontend boolean and
+                    # the downloader's Authorization header).
+                    placeholder = self._TEMPLATE_PLACEHOLDER_API_KEY
+                    if data.get("civitai_api_key") == placeholder:
+                        data["civitai_api_key"] = ""
                return data
            except json.JSONDecodeError as exc:
                logger.error("Failed to parse settings.json: %s", exc)