forked from rDrama/rDrama
allow ppl to revoke app authorizations
parent
e40f6881d8
commit
48cbe8a6b1
|
@ -38,6 +38,18 @@ def authorize(v):
|
|||
return redirect(f"{application.redirect_uri}?token={access_token}")
|
||||
|
||||
|
||||
@app.post("/rescind/<aid>")
|
||||
@limiter.limit("1/second;30/minute;200/hour;1000/day")
|
||||
@limiter.limit("1/second;30/minute;200/hour;1000/day", key_func=lambda:f'{SITE}-{session.get("lo_user")}')
|
||||
@auth_required
|
||||
def rescind(v, aid):
|
||||
|
||||
auth = g.db.query(ClientAuth).filter_by(oauth_client = aid, user_id = v.id).one_or_none()
|
||||
if not auth: abort(400)
|
||||
g.db.delete(auth)
|
||||
return {"message": "Authorization revoked!"}
|
||||
|
||||
|
||||
@app.post("/api_keys")
|
||||
@limiter.limit("1/second;30/minute;200/hour;1000/day")
|
||||
@limiter.limit("1/second;30/minute;200/hour;1000/day", key_func=lambda:f'{SITE}-{session.get("lo_user")}')
|
||||
|
@ -260,7 +272,7 @@ def admin_apps_list(v):
|
|||
return render_template("admin/apps.html", v=v, apps=apps)
|
||||
|
||||
|
||||
@app.post("/oauth/reroll/<aid>")
|
||||
@app.post("/reroll/<aid>")
|
||||
@limiter.limit("1/second;30/minute;200/hour;1000/day")
|
||||
@limiter.limit("1/second;30/minute;200/hour;1000/day", key_func=lambda:f'{SITE}-{session.get("lo_user")}')
|
||||
@auth_required
|
||||
|
|
|
@ -43,7 +43,7 @@
|
|||
</div>
|
||||
<div class="footer">
|
||||
<div class="d-flex">
|
||||
<a role="button" class="btn btn-secondary ml-auto" onclick="post_toast(this,'/oauth/reroll/{{app.id}}', true)">Reroll Client ID</a>
|
||||
<a role="button" class="btn btn-secondary ml-auto" onclick="post_toast(this,'/reroll/{{app.id}}', true)">Reroll Client ID</a>
|
||||
<input type="submit" onclick="disable(this)" class="btn btn-primary ml-2" value="Save Changes">
|
||||
</div>
|
||||
</div>
|
||||
|
@ -109,7 +109,7 @@
|
|||
</div>
|
||||
<div class="footer">
|
||||
<div class="d-flex">
|
||||
<a role="button" class="btn btn-primary ml-auto text-white" onclick="post_toast(this,'/oauth/rescind/{{auth.id}}')">Revoke</a>
|
||||
<a role="button" class="btn btn-primary ml-auto text-white" onclick="post_toast(this,'/rescind/{{auth.application.id}}')">Revoke</a>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
|
Loading…
Reference in New Issue