bugfixes, error handling
parent
359281c5c9
commit
9ca15167ba
|
@ -49,7 +49,7 @@ window.$(document).ready(function () {
|
||||||
|
|
||||||
window.admin = {
|
window.admin = {
|
||||||
registration: {
|
registration: {
|
||||||
delete: function(href, registration_id, username) {
|
delete: function(href, username) {
|
||||||
var dialog = new ConfirmDialog('Reject user registration', `Are you sure to reject the registration request from "${username}"?`);
|
var dialog = new ConfirmDialog('Reject user registration', `Are you sure to reject the registration request from "${username}"?`);
|
||||||
dialog.show().then(()=>{
|
dialog.show().then(()=>{
|
||||||
fetch(href, {
|
fetch(href, {
|
||||||
|
@ -58,7 +58,7 @@ window.admin = {
|
||||||
});
|
});
|
||||||
return false;
|
return false;
|
||||||
},
|
},
|
||||||
accept: function(href, registration_id, username) {
|
accept: function(href, username) {
|
||||||
var dialog = new ConfirmDialog('Accept user registration', `Are you sure to accept the registration request from "${username}"?`);
|
var dialog = new ConfirmDialog('Accept user registration', `Are you sure to accept the registration request from "${username}"?`);
|
||||||
dialog.show().then(()=>{
|
dialog.show().then(()=>{
|
||||||
fetch(href, {
|
fetch(href, {
|
||||||
|
@ -197,6 +197,14 @@ window.client_cert = {
|
||||||
SimpleFormSubmit.submitForm(form_sign_key.action, form_sign_key)
|
SimpleFormSubmit.submitForm(form_sign_key.action, form_sign_key)
|
||||||
.then(response => {
|
.then(response => {
|
||||||
response.json().then( response => {
|
response.json().then( response => {
|
||||||
|
if (data.errors) {
|
||||||
|
var msg ='<ul>';
|
||||||
|
for( var field in data.errors) {
|
||||||
|
msg += `<li>${field}: ${data.errors[field]}</li>`;
|
||||||
|
}
|
||||||
|
msg += '</ul>';
|
||||||
|
new Dialog('Password change Error', `Error Happend: ${msg}`).show()
|
||||||
|
} else {
|
||||||
// get certificate
|
// get certificate
|
||||||
var data = response.data;
|
var data = response.data;
|
||||||
var certs = [
|
var certs = [
|
||||||
|
@ -217,6 +225,8 @@ window.client_cert = {
|
||||||
var button = $('#save-button');
|
var button = $('#save-button');
|
||||||
button.href= "data:application/x-pkcs12;base64," + p12b64
|
button.href= "data:application/x-pkcs12;base64," + p12b64
|
||||||
button.style['display'] ='block';
|
button.style['display'] ='block';
|
||||||
|
//new Dialog('Password changed', 'Password changed successfully!').show();
|
||||||
|
}
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
});
|
});
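Review bot: In the added error branch of the `response.json()` callback, `data.errors` is read before `data` has a value. `var data = response.data;` sits inside the `else`, so the declaration is hoisted and `data` is still `undefined` at the check, which throws a TypeError instead of showing the dialog. Hoist the assignment above the test: `var data = response.data;` followed by `if (data.errors) {`. The message is also built by interpolating `field` and `data.errors[field]` into `<li>` markup; if `Dialog` renders its body as HTML (not visible here), those values should be escaped or added as text nodes. The callback starts and ends outside the hunk, and the title 'Password change Error' looks copied from a different form.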
|
||||||
|
|
|
@ -5,6 +5,7 @@ from flask import jsonify
|
||||||
from flask_login import current_user, logout_user
|
from flask_login import current_user, logout_user
|
||||||
from oauthlib.oauth2.rfc6749.errors import TokenExpiredError
|
from oauthlib.oauth2.rfc6749.errors import TokenExpiredError
|
||||||
from ..model import db, User, UserSignUp
|
from ..model import db, User, UserSignUp
|
||||||
|
from .frontend import redirect_login
|
||||||
|
|
||||||
|
|
||||||
admin_views = Blueprint('admin', __name__, url_prefix='/admin')
|
admin_views = Blueprint('admin', __name__, url_prefix='/admin')
|
||||||
|
@ -15,13 +16,11 @@ def before_request():
|
||||||
resp = current_app.oauth.session.get('/userinfo')
|
resp = current_app.oauth.session.get('/userinfo')
|
||||||
data = resp.json()
|
data = resp.json()
|
||||||
if not current_user.is_authenticated or resp.status_code is not 200:
|
if not current_user.is_authenticated or resp.status_code is not 200:
|
||||||
logout_user()
|
return redirect_login()
|
||||||
return redirect(url_for('oauth.login'))
|
|
||||||
if 'admin' not in data['groups']:
|
if 'admin' not in data['groups']:
|
||||||
return 'Not an admin', 403
|
return 'Not an admin', 403
|
||||||
except TokenExpiredError:
|
except TokenExpiredError:
|
||||||
logout_user()
|
return redirect_login()
|
||||||
return redirect(url_for('oauth.login'))
|
|
||||||
|
|
||||||
|
|
||||||
admin_views.before_request(before_request)
|
admin_views.before_request(before_request)
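Review bot: The gate directly above the new `return redirect_login()` still reads `resp.status_code is not 200`, which compares object identity rather than value. It only behaves as intended because CPython caches small integers, and recent Python versions emit a SyntaxWarning for it. Use `resp.status_code != 200` here and in the identical check in the frontend `before_request`. `data = resp.json()` also runs before the status check, so an error response from `/userinfo` that is not JSON could raise before the redirect is reached; parsing after the check would avoid that. The function body starts outside the hunk.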
|
||||||
|
|
|
@ -1,9 +1,9 @@
|
||||||
|
|
||||||
from urllib.parse import urlencode, parse_qs
|
from urllib.parse import urlencode, parse_qs
|
||||||
|
|
||||||
from flask import Blueprint, redirect
|
from flask import Blueprint, redirect, request
|
||||||
from flask import current_app
|
from flask import current_app
|
||||||
from flask import jsonify
|
from flask import jsonify, session
|
||||||
from flask import render_template, url_for, flash
|
from flask import render_template, url_for, flash
|
||||||
from flask_login import login_user, logout_user, current_user
|
from flask_login import login_user, logout_user, current_user
|
||||||
from werkzeug.utils import redirect
|
from werkzeug.utils import redirect
|
||||||
|
@ -11,6 +11,7 @@ import logging
|
||||||
from datetime import timedelta
|
from datetime import timedelta
|
||||||
from base64 import b64decode
|
from base64 import b64decode
|
||||||
from flask_dance.consumer import oauth_authorized
|
from flask_dance.consumer import oauth_authorized
|
||||||
|
from flask_dance.consumer.base import oauth_before_login
|
||||||
from flask_dance.consumer import OAuth2ConsumerBlueprint
|
from flask_dance.consumer import OAuth2ConsumerBlueprint
|
||||||
from oauthlib.oauth2.rfc6749.errors import TokenExpiredError
|
from oauthlib.oauth2.rfc6749.errors import TokenExpiredError
|
||||||
|
|
||||||
|
@ -22,16 +23,18 @@ from ..auth_providers import LdapAuthProvider
|
||||||
frontend_views = Blueprint('frontend', __name__, url_prefix='')
|
frontend_views = Blueprint('frontend', __name__, url_prefix='')
|
||||||
logger = logging.getLogger(__name__)
|
logger = logging.getLogger(__name__)
|
||||||
|
|
||||||
|
def redirect_login():
|
||||||
|
logout_user()
|
||||||
|
session['next_url'] = request.path
|
||||||
|
return redirect(url_for('oauth.login', next_url=request.path))
|
||||||
|
|
||||||
def before_request():
|
def before_request():
|
||||||
try:
|
try:
|
||||||
resp = current_app.oauth.session.get('/userinfo')
|
resp = current_app.oauth.session.get('/userinfo')
|
||||||
if not current_user.is_authenticated or resp.status_code is not 200:
|
if not current_user.is_authenticated or resp.status_code is not 200:
|
||||||
logout_user()
|
return redirect_login()
|
||||||
return redirect(url_for('oauth.login'))
|
|
||||||
except TokenExpiredError:
|
except TokenExpiredError:
|
||||||
logout_user()
|
return redirect_login()
|
||||||
return redirect(url_for('oauth.login'))
|
|
||||||
|
|
||||||
|
|
||||||
frontend_views.before_request(before_request)
|
frontend_views.before_request(before_request)
|
||||||
|
@ -48,7 +51,7 @@ def init_login_manager(app):
|
||||||
|
|
||||||
@app.login_manager.unauthorized_handler
|
@app.login_manager.unauthorized_handler
|
||||||
def unauthorized():
|
def unauthorized():
|
||||||
return redirect(url_for('oauth.login'))
|
redirect_login()
|
||||||
|
|
||||||
base_url = app.config['HYDRA_PUBLIC_URL']
|
base_url = app.config['HYDRA_PUBLIC_URL']
|
||||||
example_blueprint = OAuth2ConsumerBlueprint(
|
example_blueprint = OAuth2ConsumerBlueprint(
|
||||||
|
@ -64,7 +67,7 @@ def init_login_manager(app):
|
||||||
app.oauth = example_blueprint
|
app.oauth = example_blueprint
|
||||||
|
|
||||||
@oauth_authorized.connect_via(app.oauth)
|
@oauth_authorized.connect_via(app.oauth)
|
||||||
def github_logged_in(blueprint, token):
|
def oauth2_logged_in(blueprint, token):
|
||||||
if not token:
|
if not token:
|
||||||
flash("Failed to log in.", category="error")
|
flash("Failed to log in.", category="error")
|
||||||
return False
|
return False
|
||||||
|
@ -72,7 +75,7 @@ def init_login_manager(app):
|
||||||
|
|
||||||
resp = blueprint.session.get("/userinfo")
|
resp = blueprint.session.get("/userinfo")
|
||||||
if not resp.ok:
|
if not resp.ok:
|
||||||
msg = "Failed to fetch user info from GitHub."
|
msg = "Failed to fetch user info from hydra."
|
||||||
flash(msg, category="error")
|
flash(msg, category="error")
|
||||||
return False
|
return False
|
||||||
|
|
||||||
|
@ -90,8 +93,9 @@ def init_login_manager(app):
|
||||||
# trying to incorrectly save it for us.
|
# trying to incorrectly save it for us.
|
||||||
return True
|
return True
|
||||||
|
|
||||||
@frontend_views.route('/logout')
|
|
||||||
def logout():
|
@frontend_views.route('/logout')
|
||||||
|
def logout():
|
||||||
logout_user()
|
logout_user()
|
||||||
return redirect(
|
return redirect(
|
||||||
f'{current_app.config["HYDRA_PUBLIC_URL"]}/oauth2/sessions/logout')
|
f'{current_app.config["HYDRA_PUBLIC_URL"]}/oauth2/sessions/logout')
|
||||||
|
@ -99,6 +103,10 @@ def init_login_manager(app):
|
||||||
|
|
||||||
@frontend_views.route('/', methods=['GET'])
|
@frontend_views.route('/', methods=['GET'])
|
||||||
def index():
|
def index():
|
||||||
|
if 'next_url' in session:
|
||||||
|
next_url = session['next_url']
|
||||||
|
del session['next_url']
|
||||||
|
return redirect(next_url)
|
||||||
return render_template('frontend/index.html.j2')
|
return render_template('frontend/index.html.j2')
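Review bot: `unauthorized()` now calls `redirect_login()` without returning it, so the handler yields `None` and there is no response to send to the unauthenticated user; the line should read `return redirect_login()`. In `index()`, `session['next_url']` is passed straight to `redirect()`. In the visible code it is only ever set from `request.path`, but checking that the value is a local path before redirecting would keep this from turning into an open redirect if another writer is added later. `next_url = session.pop('next_url', None)` would also replace the read-then-`del` pair.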
|
||||||
|
|
||||||
|
|
||||||
|
|
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long