return the actual key

pull/20/head
db0 2023-09-05 11:29:40 +02:00
parent c01ad45b16
commit 8a70713707
2 changed files with 12 additions and 3 deletions

View File

@ -44,3 +44,7 @@ class Models:
self.input_censures_modify = api.model('ModifyCensure', { self.input_censures_modify = api.model('ModifyCensure', {
'reason': fields.String(required=False, description="The reason for this censure. No profanity or hate speech allowed!", example="csam"), 'reason': fields.String(required=False, description="The reason for this censure. No profanity or hate speech allowed!", example="csam"),
}) })
self.response_model_api_key = api.model('SimpleResponse', {
"message": fields.String(default='OK',required=True, description="The result of this operation."),
"new_key": fields.String(default=None,required=False, description="The new API key"),
})

View File

@ -105,7 +105,7 @@ class WhitelistDomain(Resource):
patch_parser.add_argument("apikey", type=str, required=True, help="The sending instance's API key.", location='headers') patch_parser.add_argument("apikey", type=str, required=True, help="The sending instance's API key.", location='headers')
patch_parser.add_argument("Client-Agent", default="unknown:0:unknown", type=str, required=False, help="The client name and version.", location="headers") patch_parser.add_argument("Client-Agent", default="unknown:0:unknown", type=str, required=False, help="The client name and version.", location="headers")
patch_parser.add_argument("admin_username", required=False, type=str, help="If a username is given, their API key will be reset. Otherwise the user's whose API key was provided will be reset. This allows can be initiated by other instance admins or the fediseer.", location="json") patch_parser.add_argument("admin_username", required=False, type=str, help="If a username is given, their API key will be reset. Otherwise the user's whose API key was provided will be reset. This allows can be initiated by other instance admins or the fediseer.", location="json")
patch_parser.add_argument("return_new_key", required=False, type=bool, help="If True, the key will be returned as part of the response instead of PM'd. IT will still PM a notification to you.", location="json") patch_parser.add_argument("return_new_key", default=False, required=False, type=bool, help="If True, the key will be returned as part of the response instead of PM'd. IT will still PM a notification to you.", location="json")
@api.expect(patch_parser) @api.expect(patch_parser)
@ -122,6 +122,7 @@ class WhitelistDomain(Resource):
if not user: if not user:
raise e.Forbidden("You have not yet claimed an instance. Use the POST method to do so.") raise e.Forbidden("You have not yet claimed an instance. Use the POST method to do so.")
instance = database.find_instance_by_user(user) instance = database.find_instance_by_user(user)
requestor_instance = instance
if self.args.admin_username: if self.args.admin_username:
requestor = None requestor = None
if self.args.admin_username != user.username or user.username == "fediseer": if self.args.admin_username != user.username or user.username == "fediseer":
@ -131,17 +132,21 @@ class WhitelistDomain(Resource):
raise e.NotFound(f"No Instance found matching provided domain. Have you remembered to register it?") raise e.NotFound(f"No Instance found matching provided domain. Have you remembered to register it?")
if instance != instance_to_reset and user.username != "fediseer": if instance != instance_to_reset and user.username != "fediseer":
raise e.BadRequest("Only other admins of the same instance or the fediseer can request API key reset for others.") raise e.BadRequest("Only other admins of the same instance or the fediseer can request API key reset for others.")
instance = instance_to_reset instance = instance_to_reset
user = database.find_user_by_account(f"@{self.args.admin_username}@{domain}") user = database.find_user_by_account(f"@{self.args.admin_username}@{domain}")
if self.args.return_new_key: if self.args.return_new_key:
if requestor is None: if requestor is None:
requestor = requestor = user.username requestor = f"{user.username}@{requestor_instance.domain}"
new_key = activitypub_pm.pm_new_key_notification(domain, self.args.admin_username, instance.software, requestor=requestor) new_key = activitypub_pm.pm_new_key_notification(domain, self.args.admin_username, instance.software, requestor=requestor)
else: else:
new_key = activitypub_pm.pm_new_api_key(domain, self.args.admin_username, instance.software, requestor=requestor) new_key = activitypub_pm.pm_new_api_key(domain, self.args.admin_username, instance.software, requestor=requestor)
user.api_key = hash_api_key(new_key) user.api_key = hash_api_key(new_key)
db.session.commit() db.session.commit()
return {"message": "Changed"},200 if self.args.return_new_key:
return {"message": "Changed", "new_key": new_key},200
else:
return {"message": "Changed"},200
delete_parser = reqparse.RequestParser() delete_parser = reqparse.RequestParser()
delete_parser.add_argument("apikey", type=str, required=True, help="The sending instance's API key.", location='headers') delete_parser.add_argument("apikey", type=str, required=True, help="The sending instance's API key.", location='headers')