Feature #17298
Updated by Ward Vandewege almost 4 years ago
As part of ticket #16726 the services/api/script/get_anonymous_user_token.rb logic was changed. It currently takes the configured anonymous token from the config file and makes sure that the corresponding database record exists.
It is called from lib/boot/seed.go.
It needs to be run during manual installation in an awkward 2-step process: put a random string in config file; then run this script.
It would be much better to make the api server check the anonymous token as configured on startup, and if one is defined in the config file, make sure that the appropriate db record exists. If the token is not configured, it can do nothing. If a token is configured and other anonymous tokens exist in the database, those should be disabled. This is roughly the logic of the current services/api/script/get_anonymous_user_token.rb script.
Once this change is made, lib/boot/seed.go should be adapted and the documentation needs to be updated accordingly, in doc/install/install-keep-web.html.textile.liquid. Also update lib/config/config.default.yml and regenerate the reference.