carpathianflorist
/
MarseyWorld
forked from MarseyWorld/MarseyWorld
1
0
Fork 0
Code Pull Requests Activity

fsdfds

master
Aevann1 2021-10-15 17:59:23 +02:00
parent bfbfcb8dbe
commit abc11732d2
1 changed files with 5 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
files/routes/oauth.py
View File

@ -26,11 +26,7 @@ def authorize(v):
application = g.db.query(OauthApp).options(lazyload('*')).filter_by(client_id=client_id).first()
if not application: return {"oauth_error": "Invalid `client_id`"}, 401
access_token = secrets.token_urlsafe(128)[:128]
new_auth = ClientAuth(
oauth_client = application.id,
user_id = v.id,
access_token=access_token
)
new_auth = ClientAuth(oauth_client = application.id, user_id = v.id, access_token=access_token)
g.db.add(new_auth)
@ -69,6 +65,8 @@ def delete_oauth_app(v, aid):
aid = int(aid)
app = g.db.query(OauthApp).options(lazyload('*')).filter_by(id=aid).first()
if app.author_id != v.id: abort(403)
for auth in g.db.query(ClientAuth).options(lazyload('*')).filter_by(oauth_client=app.id).all():
g.db.delete(auth)
@ -88,6 +86,8 @@ def edit_oauth_app(v, aid):
aid = int(aid)
app = g.db.query(OauthApp).options(lazyload('*')).filter_by(id=aid).first()
if app.author_id != v.id: abort(403)
app.redirect_uri = request.values.get('redirect_uri')
app.app_name = request.values.get('name')
app.description = request.values.get("description")[:256]