bugfixes, error handling

TuxCoder 2020-06-02 19:09:32 +02:00
parent 359281c5c9
commit 9ca15167ba
5 changed files with 57 additions and 40 deletions


@ -49,7 +49,7 @@ window.$(document).ready(function () {
window.admin = { window.admin = {
registration: { registration: {
delete: function(href, registration_id, username) { delete: function(href, username) {
var dialog = new ConfirmDialog('Reject user registration', `Are you sure to reject the registration request from "${username}"?`); var dialog = new ConfirmDialog('Reject user registration', `Are you sure to reject the registration request from "${username}"?`);
dialog.show().then(()=>{ dialog.show().then(()=>{
fetch(href, { fetch(href, {
@ -58,7 +58,7 @@ window.admin = {
}); });
return false; return false;
}, },
accept: function(href, registration_id, username) { accept: function(href, username) {
var dialog = new ConfirmDialog('Accept user registration', `Are you sure to accept the registration request from "${username}"?`); var dialog = new ConfirmDialog('Accept user registration', `Are you sure to accept the registration request from "${username}"?`);
dialog.show().then(()=>{ dialog.show().then(()=>{
fetch(href, { fetch(href, {
@ -197,6 +197,14 @@ window.client_cert = {
SimpleFormSubmit.submitForm(form_sign_key.action, form_sign_key) SimpleFormSubmit.submitForm(form_sign_key.action, form_sign_key)
.then(response => { .then(response => {
response.json().then( response => { response.json().then( response => {
if (data.errors) {
var msg ='<ul>';
for( var field in data.errors) {
msg += `<li>${field}: ${data.errors[field]}</li>`;
}
msg += '</ul>';
new Dialog('Password change Error', `Error Happend: ${msg}`).show()
} else {
// get certificate // get certificate
var data = response.data; var data = response.data;
var certs = [ var certs = [
@ -217,6 +225,8 @@ window.client_cert = {
var button = $('#save-button'); var button = $('#save-button');
button.href= "data:application/x-pkcs12;base64," + p12b64 button.href= "data:application/x-pkcs12;base64," + p12b64
button.style['display'] ='block'; button.style['display'] ='block';
//new Dialog('Password changed', 'Password changed successfully!').show();
}
}); });
}); });
}); });
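Review bot: The added error branch tests `data.errors`, but `data` is only assigned by `var data = response.data;` further down in the else branch, so it is still undefined here and the check throws instead of showing the dialog. The parsed body is the inner `response`, so the test should probably be `if (response.errors) {` with the loop reading `response.errors[field]`. The message is also built as HTML from server-supplied field names and error text, so if `Dialog` renders its body as markup (not visible here), those values should be escaped or inserted as text nodes. The title 'Password change Error' looks copied from the password form and does not fit the certificate-signing flow. The enclosing handler starts and ends outside the hunk.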


@ -5,6 +5,7 @@ from flask import jsonify
from flask_login import current_user, logout_user from flask_login import current_user, logout_user
from oauthlib.oauth2.rfc6749.errors import TokenExpiredError from oauthlib.oauth2.rfc6749.errors import TokenExpiredError
from ..model import db, User, UserSignUp from ..model import db, User, UserSignUp
from .frontend import redirect_login
admin_views = Blueprint('admin', __name__, url_prefix='/admin') admin_views = Blueprint('admin', __name__, url_prefix='/admin')
@ -15,13 +16,11 @@ def before_request():
resp = current_app.oauth.session.get('/userinfo') resp = current_app.oauth.session.get('/userinfo')
data = resp.json() data = resp.json()
if not current_user.is_authenticated or resp.status_code is not 200: if not current_user.is_authenticated or resp.status_code is not 200:
logout_user() return redirect_login()
return redirect(url_for('oauth.login'))
if 'admin' not in data['groups']: if 'admin' not in data['groups']:
return 'Not an admin', 403 return 'Not an admin', 403
except TokenExpiredError: except TokenExpiredError:
logout_user() return redirect_login()
return redirect(url_for('oauth.login'))
admin_views.before_request(before_request) admin_views.before_request(before_request)
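Review bot: `resp.status_code is not 200`, on the guard that now returns `redirect_login()`, compares by identity rather than value; it works only because CPython caches small integers, and it raises a SyntaxWarning on Python 3.8+, so use `resp.status_code != 200`. The same comparison appears in `before_request` in the frontend views. Also, `data = resp.json()` runs before the status check, so a non-JSON error body from `/userinfo` raises before the redirect is reached; moving it below the guard would let the redirect handle that case. The `try:` line of `before_request` is outside the hunk.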


@ -1,9 +1,9 @@
from urllib.parse import urlencode, parse_qs from urllib.parse import urlencode, parse_qs
from flask import Blueprint, redirect from flask import Blueprint, redirect, request
from flask import current_app from flask import current_app
from flask import jsonify from flask import jsonify, session
from flask import render_template, url_for, flash from flask import render_template, url_for, flash
from flask_login import login_user, logout_user, current_user from flask_login import login_user, logout_user, current_user
from werkzeug.utils import redirect from werkzeug.utils import redirect
@ -11,6 +11,7 @@ import logging
from datetime import timedelta from datetime import timedelta
from base64 import b64decode from base64 import b64decode
from flask_dance.consumer import oauth_authorized from flask_dance.consumer import oauth_authorized
from flask_dance.consumer.base import oauth_before_login
from flask_dance.consumer import OAuth2ConsumerBlueprint from flask_dance.consumer import OAuth2ConsumerBlueprint
from oauthlib.oauth2.rfc6749.errors import TokenExpiredError from oauthlib.oauth2.rfc6749.errors import TokenExpiredError
@ -22,16 +23,18 @@ from ..auth_providers import LdapAuthProvider
frontend_views = Blueprint('frontend', __name__, url_prefix='') frontend_views = Blueprint('frontend', __name__, url_prefix='')
logger = logging.getLogger(__name__) logger = logging.getLogger(__name__)
def redirect_login():
logout_user()
session['next_url'] = request.path
return redirect(url_for('oauth.login', next_url=request.path))
def before_request(): def before_request():
try: try:
resp = current_app.oauth.session.get('/userinfo') resp = current_app.oauth.session.get('/userinfo')
if not current_user.is_authenticated or resp.status_code is not 200: if not current_user.is_authenticated or resp.status_code is not 200:
logout_user() return redirect_login()
return redirect(url_for('oauth.login'))
except TokenExpiredError: except TokenExpiredError:
logout_user() return redirect_login()
return redirect(url_for('oauth.login'))
frontend_views.before_request(before_request) frontend_views.before_request(before_request)
@ -48,7 +51,7 @@ def init_login_manager(app):
@app.login_manager.unauthorized_handler @app.login_manager.unauthorized_handler
def unauthorized(): def unauthorized():
return redirect(url_for('oauth.login')) redirect_login()
base_url = app.config['HYDRA_PUBLIC_URL'] base_url = app.config['HYDRA_PUBLIC_URL']
example_blueprint = OAuth2ConsumerBlueprint( example_blueprint = OAuth2ConsumerBlueprint(
@ -64,7 +67,7 @@ def init_login_manager(app):
app.oauth = example_blueprint app.oauth = example_blueprint
@oauth_authorized.connect_via(app.oauth) @oauth_authorized.connect_via(app.oauth)
def github_logged_in(blueprint, token): def oauth2_logged_in(blueprint, token):
if not token: if not token:
flash("Failed to log in.", category="error") flash("Failed to log in.", category="error")
return False return False
@ -72,7 +75,7 @@ def init_login_manager(app):
resp = blueprint.session.get("/userinfo") resp = blueprint.session.get("/userinfo")
if not resp.ok: if not resp.ok:
msg = "Failed to fetch user info from GitHub." msg = "Failed to fetch user info from hydra."
flash(msg, category="error") flash(msg, category="error")
return False return False
@ -90,8 +93,9 @@ def init_login_manager(app):
# trying to incorrectly save it for us. # trying to incorrectly save it for us.
return True return True
@frontend_views.route('/logout')
def logout(): @frontend_views.route('/logout')
def logout():
logout_user() logout_user()
return redirect( return redirect(
f'{current_app.config["HYDRA_PUBLIC_URL"]}/oauth2/sessions/logout') f'{current_app.config["HYDRA_PUBLIC_URL"]}/oauth2/sessions/logout')
@ -99,6 +103,10 @@ def init_login_manager(app):
@frontend_views.route('/', methods=['GET']) @frontend_views.route('/', methods=['GET'])
def index(): def index():
if 'next_url' in session:
next_url = session['next_url']
del session['next_url']
return redirect(next_url)
return render_template('frontend/index.html.j2') return render_template('frontend/index.html.j2')
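Review bot: The new `unauthorized()` handler calls `redirect_login()` without returning it, so the handler yields None and Flask-Login has no response to send; it should read `return redirect_login()`. Separately, `redirect_login()` stores `request.path` in the session and `index()` later passes it straight to `redirect()`. Because the path is chosen by the client, check that the stored value is a same-site relative path (single leading `/`, no scheme or host) before redirecting, and fall back to the index page otherwise. Whether `oauth.login` honours the `next_url` query argument is not visible here. `init_login_manager` starts and ends outside these hunks.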

File diff suppressed because one or more lines are too long

File diff suppressed because one or more lines are too long