return the actual key

pull/20/head
db0 2023-09-05 11:29:40 +02:00
parent c01ad45b16
commit 8a70713707
2 changed files with 12 additions and 3 deletions

View File

@ -44,3 +44,7 @@ class Models:
self.input_censures_modify = api.model('ModifyCensure', {
'reason': fields.String(required=False, description="The reason for this censure. No profanity or hate speech allowed!", example="csam"),
})
self.response_model_api_key = api.model('SimpleResponse', {
"message": fields.String(default='OK',required=True, description="The result of this operation."),
"new_key": fields.String(default=None,required=False, description="The new API key"),
})

View File

@ -105,7 +105,7 @@ class WhitelistDomain(Resource):
patch_parser.add_argument("apikey", type=str, required=True, help="The sending instance's API key.", location='headers')
patch_parser.add_argument("Client-Agent", default="unknown:0:unknown", type=str, required=False, help="The client name and version.", location="headers")
patch_parser.add_argument("admin_username", required=False, type=str, help="If a username is given, their API key will be reset. Otherwise the user's whose API key was provided will be reset. This allows can be initiated by other instance admins or the fediseer.", location="json")
patch_parser.add_argument("return_new_key", required=False, type=bool, help="If True, the key will be returned as part of the response instead of PM'd. IT will still PM a notification to you.", location="json")
patch_parser.add_argument("return_new_key", default=False, required=False, type=bool, help="If True, the key will be returned as part of the response instead of PM'd. IT will still PM a notification to you.", location="json")
@api.expect(patch_parser)
@ -122,6 +122,7 @@ class WhitelistDomain(Resource):
if not user:
raise e.Forbidden("You have not yet claimed an instance. Use the POST method to do so.")
instance = database.find_instance_by_user(user)
requestor_instance = instance
if self.args.admin_username:
requestor = None
if self.args.admin_username != user.username or user.username == "fediseer":
@ -131,16 +132,20 @@ class WhitelistDomain(Resource):
raise e.NotFound(f"No Instance found matching provided domain. Have you remembered to register it?")
if instance != instance_to_reset and user.username != "fediseer":
raise e.BadRequest("Only other admins of the same instance or the fediseer can request API key reset for others.")
instance = instance_to_reset
user = database.find_user_by_account(f"@{self.args.admin_username}@{domain}")
if self.args.return_new_key:
if requestor is None:
requestor = requestor = user.username
requestor = f"{user.username}@{requestor_instance.domain}"
new_key = activitypub_pm.pm_new_key_notification(domain, self.args.admin_username, instance.software, requestor=requestor)
else:
new_key = activitypub_pm.pm_new_api_key(domain, self.args.admin_username, instance.software, requestor=requestor)
user.api_key = hash_api_key(new_key)
db.session.commit()
if self.args.return_new_key:
return {"message": "Changed", "new_key": new_key},200
else:
return {"message": "Changed"},200
delete_parser = reqparse.RequestParser()