bugfixes, error handling

2020-06-02 19:09:32 +02:00 · 2020-06-02 19:09:32 +02:00 · 9ca15167ba
parent 359281c5c9
commit 9ca15167ba
5 changed files with 57 additions and 40 deletions
--- a/browser_app/index.js
+++ b/browser_app/index.js
@ -49,7 +49,7 @@ window.$(document).ready(function () {

 window.admin = {
 	registration: {
-		delete: function(href, registration_id, username) {
+		delete: function(href, username) {
 			var dialog = new ConfirmDialog('Reject user registration', `Are you sure to reject the registration request from "${username}"?`);
 			dialog.show().then(()=>{
 				fetch(href, {
@ -58,7 +58,7 @@ window.admin = {
 			});
 			return false;
 		},
-		accept: function(href, registration_id, username) {
+		accept: function(href, username) {
 			var dialog = new ConfirmDialog('Accept user registration', `Are you sure to accept the registration request from "${username}"?`);
 			dialog.show().then(()=>{
 				fetch(href, {
@ -197,26 +197,36 @@ window.client_cert = {
 			SimpleFormSubmit.submitForm(form_sign_key.action, form_sign_key)
 				.then(response => {
 					response.json().then( response => {
-						// get certificate
-						var data = response.data;
-						var certs = [
-							pki.certificateFromPem(data.cert),
-							pki.certificateFromPem(data.ca_cert)
-						];
-						var password = form.querySelector('#cert-password').value;
-						var p12Asn1;
-						if (password == '') {
-							p12Asn1 = pkcs12.toPkcs12Asn1(keypair.privateKey, certs, null, {algorithm: '3des'}); // without password
+						if (data.errors) {
+							var msg ='<ul>';
+							for( var field in data.errors) {
+								msg += `<li>${field}: ${data.errors[field]}</li>`;
+							}
+							msg += '</ul>';
+							new Dialog('Password change Error', `Error Happend: ${msg}`).show()
 						} else {
-							p12Asn1 = pkcs12.toPkcs12Asn1(keypair.privateKey, certs, password, {algorithm: '3des'}); // without password
+							// get certificate
+							var data = response.data;
+							var certs = [
+								pki.certificateFromPem(data.cert),
+								pki.certificateFromPem(data.ca_cert)
+							];
+							var password = form.querySelector('#cert-password').value;
+							var p12Asn1;
+							if (password == '') {
+								p12Asn1 = pkcs12.toPkcs12Asn1(keypair.privateKey, certs, null, {algorithm: '3des'}); // without password
+							} else {
+								p12Asn1 = pkcs12.toPkcs12Asn1(keypair.privateKey, certs, password, {algorithm: '3des'}); // without password
+							}
+							var p12Der = asn1.toDer(p12Asn1).getBytes();
+							var p12b64 = util.encode64(p12Der);
+
+
+							var button = $('#save-button');
+							button.href= "data:application/x-pkcs12;base64," + p12b64
+							button.style['display'] ='block';
+							//new Dialog('Password changed', 'Password changed successfully!').show();
 						}
-						var p12Der = asn1.toDer(p12Asn1).getBytes();
-						var p12b64 = util.encode64(p12Der);
-
-
-						var button = $('#save-button');
-						button.href= "data:application/x-pkcs12;base64," + p12b64
-						button.style['display'] ='block';
 					});
 				});
 		});
--- a/lenticular_cloud/views/admin.py
+++ b/lenticular_cloud/views/admin.py
@ -5,6 +5,7 @@ from flask import jsonify
 from flask_login import current_user, logout_user
 from oauthlib.oauth2.rfc6749.errors import TokenExpiredError
 from ..model import db, User, UserSignUp
+from .frontend import redirect_login


 admin_views = Blueprint('admin', __name__, url_prefix='/admin')
@ -15,13 +16,11 @@ def before_request():
        resp = current_app.oauth.session.get('/userinfo')
        data = resp.json()
        if not current_user.is_authenticated or resp.status_code is not 200:
-            logout_user()
-            return redirect(url_for('oauth.login'))
+            return redirect_login()
        if 'admin' not in data['groups']:
            return 'Not an admin', 403
    except TokenExpiredError:
-        logout_user()
-        return redirect(url_for('oauth.login'))
+        return redirect_login()


 admin_views.before_request(before_request)
--- a/lenticular_cloud/views/frontend.py
+++ b/lenticular_cloud/views/frontend.py
@ -1,9 +1,9 @@

 from urllib.parse import urlencode, parse_qs

-from flask import Blueprint, redirect
+from flask import Blueprint, redirect, request
 from flask import current_app
-from flask import jsonify
+from flask import jsonify, session
 from flask import render_template, url_for, flash
 from flask_login import login_user, logout_user, current_user
 from werkzeug.utils import redirect
@ -11,6 +11,7 @@ import logging
 from datetime import timedelta
 from base64 import b64decode
 from flask_dance.consumer import oauth_authorized
+from flask_dance.consumer.base import oauth_before_login
 from flask_dance.consumer import OAuth2ConsumerBlueprint
 from oauthlib.oauth2.rfc6749.errors import TokenExpiredError

@ -22,16 +23,18 @@ from ..auth_providers import LdapAuthProvider
 frontend_views = Blueprint('frontend', __name__, url_prefix='')
 logger = logging.getLogger(__name__)

+def redirect_login():
+    logout_user()
+    session['next_url'] = request.path
+    return redirect(url_for('oauth.login', next_url=request.path))

 def before_request():
    try:
        resp = current_app.oauth.session.get('/userinfo')
        if not current_user.is_authenticated or resp.status_code is not 200:
-            logout_user()
-            return redirect(url_for('oauth.login'))
+            return redirect_login()
    except TokenExpiredError:
-        logout_user()
-        return redirect(url_for('oauth.login'))
+        return redirect_login()


 frontend_views.before_request(before_request)
@ -48,7 +51,7 @@ def init_login_manager(app):

    @app.login_manager.unauthorized_handler
    def unauthorized():
-        return redirect(url_for('oauth.login'))
+        redirect_login()

    base_url = app.config['HYDRA_PUBLIC_URL']
    example_blueprint = OAuth2ConsumerBlueprint(
@ -64,7 +67,7 @@ def init_login_manager(app):
    app.oauth = example_blueprint

    @oauth_authorized.connect_via(app.oauth)
-    def github_logged_in(blueprint, token):
+    def oauth2_logged_in(blueprint, token):
        if not token:
            flash("Failed to log in.", category="error")
            return False
@ -72,7 +75,7 @@ def init_login_manager(app):

        resp = blueprint.session.get("/userinfo")
        if not resp.ok:
-            msg = "Failed to fetch user info from GitHub."
+            msg = "Failed to fetch user info from hydra."
            flash(msg, category="error")
            return False

@ -90,15 +93,20 @@ def init_login_manager(app):
        # trying to incorrectly save it for us.
        return True

-    @frontend_views.route('/logout')
-    def logout():
-        logout_user()
-        return redirect(
-            f'{current_app.config["HYDRA_PUBLIC_URL"]}/oauth2/sessions/logout')
+
+@frontend_views.route('/logout')
+def logout():
+    logout_user()
+    return redirect(
+        f'{current_app.config["HYDRA_PUBLIC_URL"]}/oauth2/sessions/logout')


@frontend_views.route('/', methods=['GET'])
 def index():
+    if 'next_url' in session:
+        next_url = session['next_url']
+        del session['next_url']
+        return redirect(next_url)
    return render_template('frontend/index.html.j2')


--- a/static/main.js
+++ b/static/main.js
--- a/static/main.js.map
+++ b/static/main.js.map