diff --git a/plugins/API/templates/listAllAPI.twig b/plugins/API/templates/listAllAPI.twig
index 258b74c49df0c114bbe71fc502b4f7edb7158703..9aa26858813ba0980f52dd1946904090dcdd8b1a 100644
--- a/plugins/API/templates/listAllAPI.twig
+++ b/plugins/API/templates/listAllAPI.twig
@@ -20,7 +20,7 @@
<div piwik-content-block content-title="{{ 'API_UserAuthentication'|translate|e('html_attr') }}">
<p>
{{ 'API_UsingTokenAuth'|translate('','',"")|raw }}<br/>
- <pre piwik-select-on-focus id='token_auth'>&token_auth=<strong>{{ token_auth }}</strong></pre><br/>
+ <pre piwik-select-on-focus id='token_auth'>&token_auth=<strong piwik-show-sensitive-data="{{ token_auth }}" data-click-element-selector="#token_auth"></strong></pre><br/>
{{ 'API_KeepTokenSecret'|translate('<b>','</b>')|raw }}<br />
{{ 'API_ChangeTokenHint'|translate('<a href="' ~ linkTo({
'module': 'UsersManager',
diff --git a/plugins/CoreHome/CoreHome.php b/plugins/CoreHome/CoreHome.php
index f5a1a594bc13568b717d1506c7e98cd3370e02ff..7a221bc7db222df8d9632e5489dc72dd0f14f03d 100644
--- a/plugins/CoreHome/CoreHome.php
+++ b/plugins/CoreHome/CoreHome.php
@@ -155,6 +155,7 @@ class CoreHome extends \Piwik\Plugin
$jsFiles[] = "plugins/CoreHome/angularjs/common/directives/directive.module.js";
$jsFiles[] = "plugins/CoreHome/angularjs/common/directives/attributes.js";
$jsFiles[] = "plugins/CoreHome/angularjs/common/directives/field-condition.js";
+ $jsFiles[] = "plugins/CoreHome/angularjs/common/directives/show-sensitive-data.js";
$jsFiles[] = "plugins/CoreHome/angularjs/common/directives/autocomplete-matched.js";
$jsFiles[] = "plugins/CoreHome/angularjs/common/directives/focus-anywhere-but-here.js";
$jsFiles[] = "plugins/CoreHome/angularjs/common/directives/ignore-click.js";
@@ -255,6 +256,7 @@ class CoreHome extends \Piwik\Plugin
$translationKeys[] = 'General_MultiSitesSummary';
$translationKeys[] = 'General_SearchNoResults';
$translationKeys[] = 'CoreHome_ChooseX';
+ $translationKeys[] = 'CoreHome_ClickToSeeFullInformation';
$translationKeys[] = 'CoreHome_YouAreUsingTheLatestVersion';
$translationKeys[] = 'CoreHome_IncludeRowsWithLowPopulation';
$translationKeys[] = 'CoreHome_ExcludeRowsWithLowPopulation';
diff --git a/plugins/CoreHome/angularjs/common/directives/show-sensitive-data.js b/plugins/CoreHome/angularjs/common/directives/show-sensitive-data.js
new file mode 100644
index 0000000000000000000000000000000000000000..1744f9e622667e2a3afd6d91535b8e90509f400a
--- /dev/null
+++ b/plugins/CoreHome/angularjs/common/directives/show-sensitive-data.js
@@ -0,0 +1,59 @@
+/*!
+ * Piwik - free/libre analytics platform
+ *
+ * @link http://piwik.org
+ * @license http://www.gnu.org/licenses/gpl-3.0.html GPL v3 or later
+ */
+
+/**
+ * Handles visibility of sensitive data. By default data will be shown replaced with stars (*)
+ * On click on the element the full data will be shown
+ *
+ * Configuration attributes:
+ * data-show-characters number of characters to show in clear text (defaults to 6)
+ * data-click-element-selector selector for element that will show the full data on click (defaults to element)
+ *
+ * Example:
+ * <div piwik-show-sensitive-date="some text"></div>
+ */
+(function () {
+ angular.module('piwikApp.directive').directive('piwikShowSensitiveData', piwikShowSensitiveData);
+
+ function piwikShowSensitiveData(){
+ return {
+ restrict: 'A',
+ link: function(scope, element, attr) {
+
+ var sensitiveData = attr.piwikShowSensitiveData || attr.text();
+ var showCharacters = attr.showCharacters || 6;
+ var clickElement = attr.clickElementSelector || element;
+
+ var protectedData = '';
+ if (showCharacters > 0) {
+ protectedData += sensitiveData.substr(0, showCharacters);
+ }
+ protectedData += sensitiveData.substr(showCharacters).replace(/./g, '*');
+ element.html(protectedData);
+
+ function onClickHandler(event) {
+ element.html(sensitiveData);
+ $(clickElement).css({
+ cursor: ''
+ });
+ $(clickElement).tooltip("destroy");
+ }
+
+ $(clickElement).tooltip({
+ content: _pk_translate('CoreHome_ClickToSeeFullInformation'),
+ items: '*',
+ track: true
+ });
+
+ $(clickElement).one('click', onClickHandler);
+ $(clickElement).css({
+ cursor: 'pointer'
+ })
+ }
+ };
+ }
+})();
diff --git a/plugins/CoreHome/lang/en.json b/plugins/CoreHome/lang/en.json
index 808250348e7a555aa534f9677ea628267cabe5e0..57c5071c4a0db7cbbc0224aaac4b144679d5d828 100644
--- a/plugins/CoreHome/lang/en.json
+++ b/plugins/CoreHome/lang/en.json
@@ -5,6 +5,7 @@
"CheckForUpdates": "Check for updates",
"CheckPiwikOut": "Check Piwik out!",
"ClickToEditX": "Click to edit %s",
+ "ClickToSeeFullInformation": "Click to see the full information",
"CloseSearch": "Close search",
"CloseWidgetDirections": "You can close this widget by clicking on the 'X' icon at the top of the widget.",
"ChooseX": "Choose %1$s",
diff --git a/plugins/UsersManager/templates/userSettings.twig b/plugins/UsersManager/templates/userSettings.twig
index 2824262acda4b715c5a8cd0c327eeaab9c0a9fcc..34a2b5a75a8f9abd9598c30283abc9d8a412c80f 100644
--- a/plugins/UsersManager/templates/userSettings.twig
+++ b/plugins/UsersManager/templates/userSettings.twig
@@ -109,7 +109,7 @@
<div piwik-content-block
content-title="{{ 'UsersManager_TokenAuth'|translate|e('html_attr') }}">
- <pre piwik-select-on-focus id="token_auth_user">{{ userTokenAuth }}</pre>
+ <pre piwik-select-on-focus id="token_auth_user" piwik-show-sensitive-data="{{ userTokenAuth }}"></pre>
<p>{{ 'UsersManager_TokenRegenerateLogoutWarning'|translate }}</p>
<button class="btn btn-link"
diff --git a/tests/UI/specs/UIIntegration_spec.js b/tests/UI/specs/UIIntegration_spec.js
index 9e7ed5dd12e80c37e238580cc7ffa43722ad3652..b3e51288af2ffdca73bd15fd8cf6f97dd0159805 100644
--- a/tests/UI/specs/UIIntegration_spec.js
+++ b/tests/UI/specs/UIIntegration_spec.js
@@ -602,9 +602,6 @@ describe("UIIntegrationTest", function () { // TODO: Rename to Piwik?
it('should load the API listing page correctly', function (done) {
expect.screenshot('api_listing').to.be.captureSelector('.pageWrap', function (page) {
page.load("?" + generalParams + "&module=API&action=listAllAPI");
- page.evaluate(function () { // remove token_auth since it can change on each test run
- $('span#token_auth>strong').text('dummytokenauth');
- });
}, done);
});