diff --git a/fediseer/apis/models/v1.py b/fediseer/apis/models/v1.py index 2a1d331..82fc86a 100644 --- a/fediseer/apis/models/v1.py +++ b/fediseer/apis/models/v1.py @@ -44,3 +44,7 @@ class Models: self.input_censures_modify = api.model('ModifyCensure', { 'reason': fields.String(required=False, description="The reason for this censure. No profanity or hate speech allowed!", example="csam"), }) + self.response_model_api_key = api.model('SimpleResponse', { + "message": fields.String(default='OK',required=True, description="The result of this operation."), + "new_key": fields.String(default=None,required=False, description="The new API key"), + }) diff --git a/fediseer/apis/v1/whitelist.py b/fediseer/apis/v1/whitelist.py index 8deed62..40bd844 100644 --- a/fediseer/apis/v1/whitelist.py +++ b/fediseer/apis/v1/whitelist.py @@ -105,7 +105,7 @@ class WhitelistDomain(Resource): patch_parser.add_argument("apikey", type=str, required=True, help="The sending instance's API key.", location='headers') patch_parser.add_argument("Client-Agent", default="unknown:0:unknown", type=str, required=False, help="The client name and version.", location="headers") patch_parser.add_argument("admin_username", required=False, type=str, help="If a username is given, their API key will be reset. Otherwise the user's whose API key was provided will be reset. This allows can be initiated by other instance admins or the fediseer.", location="json") - patch_parser.add_argument("return_new_key", required=False, type=bool, help="If True, the key will be returned as part of the response instead of PM'd. IT will still PM a notification to you.", location="json") + patch_parser.add_argument("return_new_key", default=False, required=False, type=bool, help="If True, the key will be returned as part of the response instead of PM'd. IT will still PM a notification to you.", location="json") @api.expect(patch_parser) @@ -122,6 +122,7 @@ class WhitelistDomain(Resource): if not user: raise e.Forbidden("You have not yet claimed an instance. Use the POST method to do so.") instance = database.find_instance_by_user(user) + requestor_instance = instance if self.args.admin_username: requestor = None if self.args.admin_username != user.username or user.username == "fediseer": @@ -131,17 +132,21 @@ class WhitelistDomain(Resource): raise e.NotFound(f"No Instance found matching provided domain. Have you remembered to register it?") if instance != instance_to_reset and user.username != "fediseer": raise e.BadRequest("Only other admins of the same instance or the fediseer can request API key reset for others.") + instance = instance_to_reset user = database.find_user_by_account(f"@{self.args.admin_username}@{domain}") if self.args.return_new_key: if requestor is None: - requestor = requestor = user.username + requestor = f"{user.username}@{requestor_instance.domain}" new_key = activitypub_pm.pm_new_key_notification(domain, self.args.admin_username, instance.software, requestor=requestor) else: new_key = activitypub_pm.pm_new_api_key(domain, self.args.admin_username, instance.software, requestor=requestor) user.api_key = hash_api_key(new_key) db.session.commit() - return {"message": "Changed"},200 + if self.args.return_new_key: + return {"message": "Changed", "new_key": new_key},200 + else: + return {"message": "Changed"},200 delete_parser = reqparse.RequestParser() delete_parser.add_argument("apikey", type=str, required=True, help="The sending instance's API key.", location='headers')