changes to app_token
This commit is contained in:
parent
5bda9e8d83
commit
4498be544b
|
@ -35,6 +35,7 @@ class TOTPDeleteForm(FlaskForm):
|
|||
|
||||
class AppTokenForm(FlaskForm):
|
||||
name = StringField(gettext('name'), validators=[DataRequired(),Length(min=1, max=255) ])
|
||||
scopes = StringField(gettext('scopes'), validators=[DataRequired(),Length(min=1, max=255) ])
|
||||
submit = SubmitField(gettext('Activate'))
|
||||
|
||||
class AppTokenDeleteForm(FlaskForm):
|
||||
|
|
|
@ -198,8 +198,12 @@ class User(BaseModel, ModelUpdatedMixin):
|
|||
def change_password(self, password_new: str) -> None:
|
||||
self.password_hashed = crypt.crypt(password_new)
|
||||
|
||||
def get_tokens_by_service(self, service: Service) -> list['AppToken']:
|
||||
return [ token for token in self.app_tokens if token.service_name == service.name ]
|
||||
def get_token_by_name(self, name: str) -> Optional['AppToken']:
|
||||
for token in self.app_tokens:
|
||||
if token.name == name:
|
||||
return token
|
||||
return None
|
||||
|
||||
|
||||
def get_token_by_scope(self, scope: str) -> Iterator['AppToken']:
|
||||
for token in self.app_tokens:
|
||||
|
|
|
@ -4,35 +4,26 @@
|
|||
|
||||
{% block content %}
|
||||
|
||||
<ul class="nav nav-tabs" id="myTab" role="tablist">
|
||||
{% for service in services.values() if service.app_token %}
|
||||
<li class="nav-item">
|
||||
<a class="nav-link{{' active' if loop.first else ''}}" id="home-tab" data-toggle="tab" href="#{{ service.name }}" role="tab" aria-controls="home" aria-selected="true">{{ service.name }}</a>
|
||||
</li>
|
||||
{% endfor %}
|
||||
</ul>
|
||||
|
||||
<div class="tab-content" id="myTabContent">
|
||||
{% for service in services.values() if service.app_token %}
|
||||
|
||||
<div class="tab-pane fade{{ ' show active' if loop.first else '' }}" id="{{ service.name }}" role="tabpanel" aria-labelledby="{{ service.name }}-tab">
|
||||
<div>
|
||||
<table class="table">
|
||||
<thead>
|
||||
<tr>
|
||||
<th>name</th>
|
||||
<th>scopes</th>
|
||||
<th>last used</th>
|
||||
<th>created at<th>
|
||||
<th> <th>
|
||||
</tr>
|
||||
</thead>
|
||||
<tbody>
|
||||
{% for app_token in current_user.get_tokens_by_service(service) %}
|
||||
{% for app_token in current_user.app_tokens %}
|
||||
<tr>
|
||||
<td>{{ app_token.name }}</td>
|
||||
<td>{{ app_token.scopes }}</td>
|
||||
<td>{{ app_token.last_used }}</td>
|
||||
<td>{{ app_token.created_at }}</td>
|
||||
<td>
|
||||
{{ render_form(delete_form, action_url=url_for('frontend.app_token_delete', service_name=service.name,app_token_name=app_token.name)) }}
|
||||
{{ render_form(delete_form, action_url=url_for('frontend.app_token_delete', app_token_name=app_token.name)) }}
|
||||
{#
|
||||
<a title="{{ gettext('Revoke')}}" href="{{ url_for('.app_token_revoce', id=app_token.id) }}" onclick="client_cert.revoke_certificate(this.href, '{{ cert.serial_number_hex }}'); return false;"><i class="fas fa-ban"></i></a>
|
||||
#}
|
||||
|
@ -40,12 +31,10 @@
|
|||
</tr>
|
||||
{% endfor %}
|
||||
</table>
|
||||
<a class="btn btn-primary" href="{{ url_for('frontend.app_token_new', service_name=service.name) }}">
|
||||
<a class="btn btn-primary" href="{{ url_for('frontend.app_token_new') }}">
|
||||
New Token
|
||||
</a>
|
||||
</div>
|
||||
{% endfor %}
|
||||
</div>
|
||||
|
||||
{% endblock %}
|
||||
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
{% extends 'frontend/base.html.j2' %}
|
||||
|
||||
{% block title %}{{ gettext('new app token for {service_name}').format(service_name=service.name) }}{% endblock %}
|
||||
{% block title %}{{ gettext('new app token') }}{% endblock %}
|
||||
|
||||
{% block content %}
|
||||
|
||||
|
|
|
@ -1,12 +1,12 @@
|
|||
{% extends 'frontend/base.html.j2' %}
|
||||
|
||||
{% block title %}{{ gettext('new app token for {service_name}').format(service_name=service.name) }}{% endblock %}
|
||||
{% block title %}{{ gettext('new app token') }}{% endblock %}
|
||||
|
||||
{% block content %}
|
||||
|
||||
<div>
|
||||
<p>
|
||||
Your new App Token for {{ service.name }}:
|
||||
Your new App Token for scopes: {app_token.scopes}:
|
||||
</p>
|
||||
|
||||
<p>
|
||||
|
|
|
@ -58,36 +58,36 @@ def introspect() -> ResponseReturnValue:
|
|||
return jsonify(token_info)
|
||||
|
||||
|
||||
@api_views.route('/login/<service_name>', methods=['POST'])
|
||||
def email_login(service_name: str) -> ResponseReturnValue:
|
||||
if service_name not in lenticular_services:
|
||||
return '', 404
|
||||
service = lenticular_services[service_name]
|
||||
# @api_views.route('/login/<service_name>', methods=['POST'])
|
||||
# def email_login(service_name: str) -> ResponseReturnValue:
|
||||
# if service_name not in lenticular_services:
|
||||
# return '', 404
|
||||
# service = lenticular_services[service_name]
|
||||
|
||||
if not request.is_json:
|
||||
return jsonify({}), 400
|
||||
req_payload = request.get_json() # type: Any
|
||||
# if not request.is_json:
|
||||
# return jsonify({}), 400
|
||||
# req_payload = request.get_json() # type: Any
|
||||
|
||||
if not isinstance(req_payload, dict):
|
||||
return 'bad request', 400
|
||||
# if not isinstance(req_payload, dict):
|
||||
# return 'bad request', 400
|
||||
|
||||
password = req_payload["password"]
|
||||
username = req_payload["username"]
|
||||
# password = req_payload["password"]
|
||||
# username = req_payload["username"]
|
||||
|
||||
if '@' in username:
|
||||
username = username.split('@')[0]
|
||||
# if '@' in username:
|
||||
# username = username.split('@')[0]
|
||||
|
||||
user = User.query.filter_by(username=username.lower()).first() # type: Optional[User]
|
||||
if user is None:
|
||||
logger.warning(f'login with invalid username')
|
||||
return jsonify({}), 403
|
||||
# user = User.query.filter_by(username=username.lower()).first() # type: Optional[User]
|
||||
# if user is None:
|
||||
# logger.warning(f'login with invalid username')
|
||||
# return jsonify({}), 403
|
||||
|
||||
for app_token in user.get_tokens_by_service(service):
|
||||
if secrets.compare_digest(password, app_token.token):
|
||||
app_token.last_used = datetime.now()
|
||||
db.session.commit()
|
||||
return jsonify({'username': user.username}), 200
|
||||
# for app_token in user.get_token_by_name(service):
|
||||
# if secrets.compare_digest(password, app_token.token):
|
||||
# app_token.last_used = datetime.now()
|
||||
# db.session.commit()
|
||||
# return jsonify({'username': user.username}), 200
|
||||
|
||||
logger.warning(f'login with invalid password for {username}')
|
||||
return jsonify({}), 403
|
||||
# logger.warning(f'login with invalid password for {username}')
|
||||
# return jsonify({}), 403
|
||||
|
||||
|
|
|
@ -153,17 +153,14 @@ def app_token() -> ResponseReturnValue:
|
|||
delete_form=delete_form,
|
||||
services=lenticular_services)
|
||||
|
||||
@frontend_views.route('/app_token/<service_name>/new', methods=['GET','POST'])
|
||||
def app_token_new(service_name: str) -> ResponseReturnValue:
|
||||
if service_name not in lenticular_services:
|
||||
return '', 404
|
||||
service = lenticular_services[service_name]
|
||||
@frontend_views.route('/app_token/new', methods=['GET','POST'])
|
||||
def app_token_new() -> ResponseReturnValue:
|
||||
form = AppTokenForm()
|
||||
|
||||
if form.validate_on_submit():
|
||||
user_any = get_current_user() # type: Any
|
||||
user = user_any # type: User
|
||||
app_token = AppToken.new(user, service, "")
|
||||
app_token = AppToken.new(user, name="",scopes="")
|
||||
form.populate_obj(app_token)
|
||||
# check for duplicate names
|
||||
for user_app_token in user.app_tokens:
|
||||
|
@ -171,23 +168,18 @@ def app_token_new(service_name: str) -> ResponseReturnValue:
|
|||
return 'name already exist', 400
|
||||
user.app_tokens.append(app_token)
|
||||
db.session.commit()
|
||||
return render_template('frontend/app_token_new_show.html.j2', service=service, app_token=app_token)
|
||||
return render_template('frontend/app_token_new_show.html.j2', app_token=app_token)
|
||||
|
||||
|
||||
return render_template('frontend/app_token_new.html.j2',
|
||||
form=form,
|
||||
service=service)
|
||||
form=form)
|
||||
|
||||
@frontend_views.route('/app_token/<service_name>/<app_token_name>', methods=["POST"])
|
||||
def app_token_delete(service_name: str, app_token_name: str) -> ResponseReturnValue:
|
||||
@frontend_views.route('/app_token/<app_token_name>', methods=["POST"])
|
||||
def app_token_delete(app_token_name: str) -> ResponseReturnValue:
|
||||
form = AppTokenDeleteForm()
|
||||
|
||||
if service_name not in lenticular_services:
|
||||
return '', 404
|
||||
|
||||
service = lenticular_services[service_name]
|
||||
if form.validate_on_submit():
|
||||
app_token = get_current_user().get_token(service, app_token_name)
|
||||
app_token = get_current_user().get_token_by_name(app_token_name)
|
||||
if app_token is None:
|
||||
return 'not found', 404
|
||||
db.session.delete(app_token)
|
||||
|
|
Loading…
Reference in a new issue