changes to app_token

2023-10-22 19:45:37 +02:00 · 2023-10-22 19:45:37 +02:00 · 4498be544b
parent 5bda9e8d83
commit 4498be544b
7 changed files with 71 additions and 85 deletions
--- a/lenticular_cloud/form/frontend.py
+++ b/lenticular_cloud/form/frontend.py
@ -35,6 +35,7 @@ class TOTPDeleteForm(FlaskForm):

 class AppTokenForm(FlaskForm):
    name = StringField(gettext('name'), validators=[DataRequired(),Length(min=1, max=255) ])
+    scopes = StringField(gettext('scopes'), validators=[DataRequired(),Length(min=1, max=255) ])
    submit = SubmitField(gettext('Activate'))

 class AppTokenDeleteForm(FlaskForm):
--- a/lenticular_cloud/model.py
+++ b/lenticular_cloud/model.py
@ -198,8 +198,12 @@ class User(BaseModel, ModelUpdatedMixin):
    def change_password(self, password_new: str) -> None:
        self.password_hashed = crypt.crypt(password_new)

-    def get_tokens_by_service(self, service: Service) -> list['AppToken']:
-        return [ token for token in self.app_tokens if token.service_name == service.name ]
+    def get_token_by_name(self, name: str) -> Optional['AppToken']:
+        for token in self.app_tokens:
+            if token.name == name:
+                return token
+        return None
+        

    def get_token_by_scope(self, scope: str) -> Iterator['AppToken']:
        for token in self.app_tokens:
--- a/lenticular_cloud/template/frontend/app_token.html.j2
+++ b/lenticular_cloud/template/frontend/app_token.html.j2
@ -4,47 +4,36 @@

 {% block content %}

-<ul class="nav nav-tabs" id="myTab" role="tablist">
-  {% for service in services.values() if service.app_token %}
-	<li class="nav-item">
-		<a class="nav-link{{' active' if loop.first else ''}}" id="home-tab" data-toggle="tab" href="#{{ service.name }}" role="tab" aria-controls="home" aria-selected="true">{{ service.name }}</a>
-	</li>
-  {% endfor %}
-</ul>
-
-<div class="tab-content" id="myTabContent">
-	{% for service in services.values() if service.app_token %}
-
-	<div class="tab-pane fade{{ ' show active' if loop.first else '' }}" id="{{ service.name }}" role="tabpanel" aria-labelledby="{{ service.name }}-tab">
-		<table class="table">
-			<thead>
-				<tr>
-					<th>name</th>
-					<th>last used</th>
-					<th>created at<th>
-					<th> <th>
-				</tr>
-			</thead>
-			<tbody>
-				{% for app_token in current_user.get_tokens_by_service(service) %}
-				<tr>
-					<td>{{ app_token.name }}</td>
-					<td>{{ app_token.last_used }}</td>
-					<td>{{ app_token.created_at }}</td>
-					<td>
-            {{ render_form(delete_form, action_url=url_for('frontend.app_token_delete', service_name=service.name,app_token_name=app_token.name)) }}
-            {#
-						<a title="{{ gettext('Revoke')}}" href="{{ url_for('.app_token_revoce', id=app_token.id) }}" onclick="client_cert.revoke_certificate(this.href, '{{ cert.serial_number_hex }}'); return false;"><i class="fas fa-ban"></i></a>
-            #}
-					</td>
-				</tr>
-				{% endfor %}
+<div>
+	<table class="table">
+		<thead>
+			<tr>
+				<th>name</th>
+				<th>scopes</th>
+				<th>last used</th>
+				<th>created at<th>
+				<th> <th>
+			</tr>
+		</thead>
+		<tbody>
+			{% for app_token in current_user.app_tokens %}
+			<tr>
+				<td>{{ app_token.name }}</td>
+				<td>{{ app_token.scopes }}</td>
+				<td>{{ app_token.last_used }}</td>
+				<td>{{ app_token.created_at }}</td>
+				<td>
+					{{ render_form(delete_form, action_url=url_for('frontend.app_token_delete', app_token_name=app_token.name)) }}
+		{#
+					<a title="{{ gettext('Revoke')}}" href="{{ url_for('.app_token_revoce', id=app_token.id) }}" onclick="client_cert.revoke_certificate(this.href, '{{ cert.serial_number_hex }}'); return false;"><i class="fas fa-ban"></i></a>
+		#}
+				</td>
+			</tr>
+			{% endfor %}
    </table>
-		<a class="btn btn-primary" href="{{ url_for('frontend.app_token_new', service_name=service.name) }}">
-			New Token
+	<a class="btn btn-primary" href="{{ url_for('frontend.app_token_new') }}">
+		New Token
    </a>
-	</div>
-	{% endfor %}
 </div>

 {% endblock %}
--- a/lenticular_cloud/template/frontend/app_token_new.html.j2
+++ b/lenticular_cloud/template/frontend/app_token_new.html.j2
@ -1,6 +1,6 @@
 {% extends 'frontend/base.html.j2' %}

-{% block title %}{{ gettext('new app token for {service_name}').format(service_name=service.name) }}{% endblock %}
+{% block title %}{{ gettext('new app token') }}{% endblock %}

 {% block content %}

--- a/lenticular_cloud/template/frontend/app_token_new_show.html.j2
+++ b/lenticular_cloud/template/frontend/app_token_new_show.html.j2
@ -1,12 +1,12 @@
 {% extends 'frontend/base.html.j2' %}

-{% block title %}{{ gettext('new app token for {service_name}').format(service_name=service.name) }}{% endblock %}
+{% block title %}{{ gettext('new app token') }}{% endblock %}

 {% block content %}

 <div>
 	<p>
-		Your new App Token for {{ service.name }}:
+		Your new App Token for scopes: {app_token.scopes}:
 	</p>

 	<p>
--- a/lenticular_cloud/views/api.py
+++ b/lenticular_cloud/views/api.py
@ -58,36 +58,36 @@ def introspect() -> ResponseReturnValue:
    return jsonify(token_info)


-@api_views.route('/login/<service_name>', methods=['POST'])
-def email_login(service_name: str) -> ResponseReturnValue:
-    if service_name not in lenticular_services:
-        return '', 404
-    service = lenticular_services[service_name]
+# @api_views.route('/login/<service_name>', methods=['POST'])
+# def email_login(service_name: str) -> ResponseReturnValue:
+#     if service_name not in lenticular_services:
+#         return '', 404
+#     service = lenticular_services[service_name]

-    if not request.is_json:
-        return jsonify({}), 400
-    req_payload = request.get_json() # type: Any
+#     if not request.is_json:
+#         return jsonify({}), 400
+#     req_payload = request.get_json() # type: Any

-    if not isinstance(req_payload, dict):
-        return 'bad request', 400
+#     if not isinstance(req_payload, dict):
+#         return 'bad request', 400

-    password = req_payload["password"]
-    username = req_payload["username"]
+#     password = req_payload["password"]
+#     username = req_payload["username"]

-    if '@' in username:
-        username = username.split('@')[0]
+#     if '@' in username:
+#         username = username.split('@')[0]

-    user = User.query.filter_by(username=username.lower()).first() # type: Optional[User]
-    if user is None:
-        logger.warning(f'login with invalid username')
-        return jsonify({}), 403
+#     user = User.query.filter_by(username=username.lower()).first() # type: Optional[User]
+#     if user is None:
+#         logger.warning(f'login with invalid username')
+#         return jsonify({}), 403

-    for app_token in user.get_tokens_by_service(service):
-        if secrets.compare_digest(password, app_token.token):
-            app_token.last_used = datetime.now()
-            db.session.commit()
-            return jsonify({'username': user.username}), 200
+#     for app_token in user.get_token_by_name(service):
+#         if secrets.compare_digest(password, app_token.token):
+#             app_token.last_used = datetime.now()
+#             db.session.commit()
+#             return jsonify({'username': user.username}), 200

-    logger.warning(f'login with invalid password for {username}')
-    return jsonify({}), 403
+#     logger.warning(f'login with invalid password for {username}')
+#     return jsonify({}), 403

--- a/lenticular_cloud/views/frontend.py
+++ b/lenticular_cloud/views/frontend.py
@ -153,17 +153,14 @@ def app_token() -> ResponseReturnValue:
                           delete_form=delete_form,
                           services=lenticular_services)

-@frontend_views.route('/app_token/<service_name>/new', methods=['GET','POST'])
-def app_token_new(service_name: str) -> ResponseReturnValue:
-    if service_name not in lenticular_services:
-        return '', 404
-    service = lenticular_services[service_name]
+@frontend_views.route('/app_token/new', methods=['GET','POST'])
+def app_token_new() -> ResponseReturnValue:
    form = AppTokenForm()

    if form.validate_on_submit():
        user_any = get_current_user() # type: Any
        user = user_any # type: User
-        app_token = AppToken.new(user, service, "")
+        app_token = AppToken.new(user, name="",scopes="")
        form.populate_obj(app_token)
        # check for duplicate names
        for user_app_token in user.app_tokens:
@ -171,23 +168,18 @@ def app_token_new(service_name: str) -> ResponseReturnValue:
                return 'name already exist', 400
        user.app_tokens.append(app_token)
        db.session.commit()
-        return render_template('frontend/app_token_new_show.html.j2', service=service, app_token=app_token)
+        return render_template('frontend/app_token_new_show.html.j2', app_token=app_token)


    return render_template('frontend/app_token_new.html.j2',
-                           form=form,
-                           service=service)
+                           form=form)

-@frontend_views.route('/app_token/<service_name>/<app_token_name>', methods=["POST"])
-def app_token_delete(service_name: str, app_token_name: str) -> ResponseReturnValue:
+@frontend_views.route('/app_token/<app_token_name>', methods=["POST"])
+def app_token_delete(app_token_name: str) -> ResponseReturnValue:
    form = AppTokenDeleteForm()

-    if service_name not in lenticular_services:
-        return '', 404
-
-    service = lenticular_services[service_name]
    if form.validate_on_submit():
-        app_token = get_current_user().get_token(service, app_token_name)
+        app_token = get_current_user().get_token_by_name(app_token_name)
        if app_token is None:
            return 'not found', 404
        db.session.delete(app_token)