duniter-ui: do not return the private key in /webmin/summary
In the WebUI API, the /webmin/summary
URL returns the seckey
field, in which the secret key is revealed. This is stupid as this field is not used at all in the UI.
There is not real problem as long as the WebUI is not publicly exposed, but this is a possible security flaw for users who expose by mistake their WebUI to the Internet. Also, some people use YunoHost and it is possible that their password is weak. So Duniter has to protect himself: we should remove the secret key from this URL.