diff --git a/lenticular_cloud/form/frontend.py b/lenticular_cloud/form/frontend.py index b0abc61..c11e4a9 100644 --- a/lenticular_cloud/form/frontend.py +++ b/lenticular_cloud/form/frontend.py @@ -35,6 +35,7 @@ class TOTPDeleteForm(FlaskForm): class AppTokenForm(FlaskForm): name = StringField(gettext('name'), validators=[DataRequired(),Length(min=1, max=255) ]) + scopes = StringField(gettext('scopes'), validators=[DataRequired(),Length(min=1, max=255) ]) submit = SubmitField(gettext('Activate')) class AppTokenDeleteForm(FlaskForm): diff --git a/lenticular_cloud/model.py b/lenticular_cloud/model.py index 426685f..72fcb41 100644 --- a/lenticular_cloud/model.py +++ b/lenticular_cloud/model.py @@ -198,8 +198,12 @@ class User(BaseModel, ModelUpdatedMixin): def change_password(self, password_new: str) -> None: self.password_hashed = crypt.crypt(password_new) - def get_tokens_by_service(self, service: Service) -> list['AppToken']: - return [ token for token in self.app_tokens if token.service_name == service.name ] + def get_token_by_name(self, name: str) -> Optional['AppToken']: + for token in self.app_tokens: + if token.name == name: + return token + return None + def get_token_by_scope(self, scope: str) -> Iterator['AppToken']: for token in self.app_tokens: diff --git a/lenticular_cloud/template/frontend/app_token.html.j2 b/lenticular_cloud/template/frontend/app_token.html.j2 index dc8bf9c..6dc357d 100644 --- a/lenticular_cloud/template/frontend/app_token.html.j2 +++ b/lenticular_cloud/template/frontend/app_token.html.j2 @@ -4,47 +4,36 @@ {% block content %} - - -
- {% for service in services.values() if service.app_token %} - -
- - - - - - - - - {% for app_token in current_user.get_tokens_by_service(service) %} - - - - - - - {% endfor %} +
+
namelast usedcreated at - -
{{ app_token.name }}{{ app_token.last_used }}{{ app_token.created_at }} - {{ render_form(delete_form, action_url=url_for('frontend.app_token_delete', service_name=service.name,app_token_name=app_token.name)) }} - {# - - #} -
+ + + + + + + + + {% for app_token in current_user.app_tokens %} + + + + + + + + {% endfor %}
namescopeslast usedcreated at + +
{{ app_token.name }}{{ app_token.scopes }}{{ app_token.last_used }}{{ app_token.created_at }} + {{ render_form(delete_form, action_url=url_for('frontend.app_token_delete', app_token_name=app_token.name)) }} + {# + + #} +
- - New Token + + New Token -
- {% endfor %}
{% endblock %} diff --git a/lenticular_cloud/template/frontend/app_token_new.html.j2 b/lenticular_cloud/template/frontend/app_token_new.html.j2 index 5c45bbc..0b05bd1 100644 --- a/lenticular_cloud/template/frontend/app_token_new.html.j2 +++ b/lenticular_cloud/template/frontend/app_token_new.html.j2 @@ -1,6 +1,6 @@ {% extends 'frontend/base.html.j2' %} -{% block title %}{{ gettext('new app token for {service_name}').format(service_name=service.name) }}{% endblock %} +{% block title %}{{ gettext('new app token') }}{% endblock %} {% block content %} diff --git a/lenticular_cloud/template/frontend/app_token_new_show.html.j2 b/lenticular_cloud/template/frontend/app_token_new_show.html.j2 index 0dbb255..5eca42c 100644 --- a/lenticular_cloud/template/frontend/app_token_new_show.html.j2 +++ b/lenticular_cloud/template/frontend/app_token_new_show.html.j2 @@ -1,12 +1,12 @@ {% extends 'frontend/base.html.j2' %} -{% block title %}{{ gettext('new app token for {service_name}').format(service_name=service.name) }}{% endblock %} +{% block title %}{{ gettext('new app token') }}{% endblock %} {% block content %}

- Your new App Token for {{ service.name }}: + Your new App Token for scopes: {app_token.scopes}:

diff --git a/lenticular_cloud/views/api.py b/lenticular_cloud/views/api.py index 2de32c0..48e074a 100644 --- a/lenticular_cloud/views/api.py +++ b/lenticular_cloud/views/api.py @@ -58,36 +58,36 @@ def introspect() -> ResponseReturnValue: return jsonify(token_info) -@api_views.route('/login/', methods=['POST']) -def email_login(service_name: str) -> ResponseReturnValue: - if service_name not in lenticular_services: - return '', 404 - service = lenticular_services[service_name] +# @api_views.route('/login/', methods=['POST']) +# def email_login(service_name: str) -> ResponseReturnValue: +# if service_name not in lenticular_services: +# return '', 404 +# service = lenticular_services[service_name] - if not request.is_json: - return jsonify({}), 400 - req_payload = request.get_json() # type: Any +# if not request.is_json: +# return jsonify({}), 400 +# req_payload = request.get_json() # type: Any - if not isinstance(req_payload, dict): - return 'bad request', 400 +# if not isinstance(req_payload, dict): +# return 'bad request', 400 - password = req_payload["password"] - username = req_payload["username"] +# password = req_payload["password"] +# username = req_payload["username"] - if '@' in username: - username = username.split('@')[0] +# if '@' in username: +# username = username.split('@')[0] - user = User.query.filter_by(username=username.lower()).first() # type: Optional[User] - if user is None: - logger.warning(f'login with invalid username') - return jsonify({}), 403 +# user = User.query.filter_by(username=username.lower()).first() # type: Optional[User] +# if user is None: +# logger.warning(f'login with invalid username') +# return jsonify({}), 403 - for app_token in user.get_tokens_by_service(service): - if secrets.compare_digest(password, app_token.token): - app_token.last_used = datetime.now() - db.session.commit() - return jsonify({'username': user.username}), 200 +# for app_token in user.get_token_by_name(service): +# if secrets.compare_digest(password, app_token.token): +# app_token.last_used = datetime.now() +# db.session.commit() +# return jsonify({'username': user.username}), 200 - logger.warning(f'login with invalid password for {username}') - return jsonify({}), 403 +# logger.warning(f'login with invalid password for {username}') +# return jsonify({}), 403 diff --git a/lenticular_cloud/views/frontend.py b/lenticular_cloud/views/frontend.py index 80b5272..b1827cf 100644 --- a/lenticular_cloud/views/frontend.py +++ b/lenticular_cloud/views/frontend.py @@ -153,17 +153,14 @@ def app_token() -> ResponseReturnValue: delete_form=delete_form, services=lenticular_services) -@frontend_views.route('/app_token//new', methods=['GET','POST']) -def app_token_new(service_name: str) -> ResponseReturnValue: - if service_name not in lenticular_services: - return '', 404 - service = lenticular_services[service_name] +@frontend_views.route('/app_token/new', methods=['GET','POST']) +def app_token_new() -> ResponseReturnValue: form = AppTokenForm() if form.validate_on_submit(): user_any = get_current_user() # type: Any user = user_any # type: User - app_token = AppToken.new(user, service, "") + app_token = AppToken.new(user, name="",scopes="") form.populate_obj(app_token) # check for duplicate names for user_app_token in user.app_tokens: @@ -171,23 +168,18 @@ def app_token_new(service_name: str) -> ResponseReturnValue: return 'name already exist', 400 user.app_tokens.append(app_token) db.session.commit() - return render_template('frontend/app_token_new_show.html.j2', service=service, app_token=app_token) + return render_template('frontend/app_token_new_show.html.j2', app_token=app_token) return render_template('frontend/app_token_new.html.j2', - form=form, - service=service) + form=form) -@frontend_views.route('/app_token//', methods=["POST"]) -def app_token_delete(service_name: str, app_token_name: str) -> ResponseReturnValue: +@frontend_views.route('/app_token/', methods=["POST"]) +def app_token_delete(app_token_name: str) -> ResponseReturnValue: form = AppTokenDeleteForm() - if service_name not in lenticular_services: - return '', 404 - - service = lenticular_services[service_name] if form.validate_on_submit(): - app_token = get_current_user().get_token(service, app_token_name) + app_token = get_current_user().get_token_by_name(app_token_name) if app_token is None: return 'not found', 404 db.session.delete(app_token)