changes to app_token

This commit is contained in:
tuxcoder 2023-10-22 19:45:37 +02:00
parent 5bda9e8d83
commit 4498be544b
7 changed files with 71 additions and 85 deletions

View file

@ -35,6 +35,7 @@ class TOTPDeleteForm(FlaskForm):
class AppTokenForm(FlaskForm):
name = StringField(gettext('name'), validators=[DataRequired(),Length(min=1, max=255) ])
scopes = StringField(gettext('scopes'), validators=[DataRequired(),Length(min=1, max=255) ])
submit = SubmitField(gettext('Activate'))
class AppTokenDeleteForm(FlaskForm):

View file

@ -198,8 +198,12 @@ class User(BaseModel, ModelUpdatedMixin):
def change_password(self, password_new: str) -> None:
self.password_hashed = crypt.crypt(password_new)
def get_tokens_by_service(self, service: Service) -> list['AppToken']:
return [ token for token in self.app_tokens if token.service_name == service.name ]
def get_token_by_name(self, name: str) -> Optional['AppToken']:
for token in self.app_tokens:
if token.name == name:
return token
return None
def get_token_by_scope(self, scope: str) -> Iterator['AppToken']:
for token in self.app_tokens:

View file

@ -4,35 +4,26 @@
{% block content %}
<ul class="nav nav-tabs" id="myTab" role="tablist">
{% for service in services.values() if service.app_token %}
<li class="nav-item">
<a class="nav-link{{' active' if loop.first else ''}}" id="home-tab" data-toggle="tab" href="#{{ service.name }}" role="tab" aria-controls="home" aria-selected="true">{{ service.name }}</a>
</li>
{% endfor %}
</ul>
<div class="tab-content" id="myTabContent">
{% for service in services.values() if service.app_token %}
<div class="tab-pane fade{{ ' show active' if loop.first else '' }}" id="{{ service.name }}" role="tabpanel" aria-labelledby="{{ service.name }}-tab">
<div>
<table class="table">
<thead>
<tr>
<th>name</th>
<th>scopes</th>
<th>last used</th>
<th>created at<th>
<th> <th>
</tr>
</thead>
<tbody>
{% for app_token in current_user.get_tokens_by_service(service) %}
{% for app_token in current_user.app_tokens %}
<tr>
<td>{{ app_token.name }}</td>
<td>{{ app_token.scopes }}</td>
<td>{{ app_token.last_used }}</td>
<td>{{ app_token.created_at }}</td>
<td>
{{ render_form(delete_form, action_url=url_for('frontend.app_token_delete', service_name=service.name,app_token_name=app_token.name)) }}
{{ render_form(delete_form, action_url=url_for('frontend.app_token_delete', app_token_name=app_token.name)) }}
{#
<a title="{{ gettext('Revoke')}}" href="{{ url_for('.app_token_revoce', id=app_token.id) }}" onclick="client_cert.revoke_certificate(this.href, '{{ cert.serial_number_hex }}'); return false;"><i class="fas fa-ban"></i></a>
#}
@ -40,11 +31,9 @@
</tr>
{% endfor %}
</table>
<a class="btn btn-primary" href="{{ url_for('frontend.app_token_new', service_name=service.name) }}">
<a class="btn btn-primary" href="{{ url_for('frontend.app_token_new') }}">
New Token
</a>
</div>
{% endfor %}
</div>
{% endblock %}

View file

@ -1,6 +1,6 @@
{% extends 'frontend/base.html.j2' %}
{% block title %}{{ gettext('new app token for {service_name}').format(service_name=service.name) }}{% endblock %}
{% block title %}{{ gettext('new app token') }}{% endblock %}
{% block content %}

View file

@ -1,12 +1,12 @@
{% extends 'frontend/base.html.j2' %}
{% block title %}{{ gettext('new app token for {service_name}').format(service_name=service.name) }}{% endblock %}
{% block title %}{{ gettext('new app token') }}{% endblock %}
{% block content %}
<div>
<p>
Your new App Token for {{ service.name }}:
Your new App Token for scopes: {app_token.scopes}:
</p>
<p>

View file

@ -58,36 +58,36 @@ def introspect() -> ResponseReturnValue:
return jsonify(token_info)
@api_views.route('/login/<service_name>', methods=['POST'])
def email_login(service_name: str) -> ResponseReturnValue:
if service_name not in lenticular_services:
return '', 404
service = lenticular_services[service_name]
# @api_views.route('/login/<service_name>', methods=['POST'])
# def email_login(service_name: str) -> ResponseReturnValue:
# if service_name not in lenticular_services:
# return '', 404
# service = lenticular_services[service_name]
if not request.is_json:
return jsonify({}), 400
req_payload = request.get_json() # type: Any
# if not request.is_json:
# return jsonify({}), 400
# req_payload = request.get_json() # type: Any
if not isinstance(req_payload, dict):
return 'bad request', 400
# if not isinstance(req_payload, dict):
# return 'bad request', 400
password = req_payload["password"]
username = req_payload["username"]
# password = req_payload["password"]
# username = req_payload["username"]
if '@' in username:
username = username.split('@')[0]
# if '@' in username:
# username = username.split('@')[0]
user = User.query.filter_by(username=username.lower()).first() # type: Optional[User]
if user is None:
logger.warning(f'login with invalid username')
return jsonify({}), 403
# user = User.query.filter_by(username=username.lower()).first() # type: Optional[User]
# if user is None:
# logger.warning(f'login with invalid username')
# return jsonify({}), 403
for app_token in user.get_tokens_by_service(service):
if secrets.compare_digest(password, app_token.token):
app_token.last_used = datetime.now()
db.session.commit()
return jsonify({'username': user.username}), 200
# for app_token in user.get_token_by_name(service):
# if secrets.compare_digest(password, app_token.token):
# app_token.last_used = datetime.now()
# db.session.commit()
# return jsonify({'username': user.username}), 200
logger.warning(f'login with invalid password for {username}')
return jsonify({}), 403
# logger.warning(f'login with invalid password for {username}')
# return jsonify({}), 403

View file

@ -153,17 +153,14 @@ def app_token() -> ResponseReturnValue:
delete_form=delete_form,
services=lenticular_services)
@frontend_views.route('/app_token/<service_name>/new', methods=['GET','POST'])
def app_token_new(service_name: str) -> ResponseReturnValue:
if service_name not in lenticular_services:
return '', 404
service = lenticular_services[service_name]
@frontend_views.route('/app_token/new', methods=['GET','POST'])
def app_token_new() -> ResponseReturnValue:
form = AppTokenForm()
if form.validate_on_submit():
user_any = get_current_user() # type: Any
user = user_any # type: User
app_token = AppToken.new(user, service, "")
app_token = AppToken.new(user, name="",scopes="")
form.populate_obj(app_token)
# check for duplicate names
for user_app_token in user.app_tokens:
@ -171,23 +168,18 @@ def app_token_new(service_name: str) -> ResponseReturnValue:
return 'name already exist', 400
user.app_tokens.append(app_token)
db.session.commit()
return render_template('frontend/app_token_new_show.html.j2', service=service, app_token=app_token)
return render_template('frontend/app_token_new_show.html.j2', app_token=app_token)
return render_template('frontend/app_token_new.html.j2',
form=form,
service=service)
form=form)
@frontend_views.route('/app_token/<service_name>/<app_token_name>', methods=["POST"])
def app_token_delete(service_name: str, app_token_name: str) -> ResponseReturnValue:
@frontend_views.route('/app_token/<app_token_name>', methods=["POST"])
def app_token_delete(app_token_name: str) -> ResponseReturnValue:
form = AppTokenDeleteForm()
if service_name not in lenticular_services:
return '', 404
service = lenticular_services[service_name]
if form.validate_on_submit():
app_token = get_current_user().get_token(service, app_token_name)
app_token = get_current_user().get_token_by_name(app_token_name)
if app_token is None:
return 'not found', 404
db.session.delete(app_token)