allow ppl to revoke app authorizations

files/routes/oauth.py

@@ -38,6 +38,18 @@ def authorize(v):
 	return redirect(f"{application.redirect_uri}?token={access_token}")
 
 
+@app.post("/rescind/<aid>")
+@limiter.limit("1/second;30/minute;200/hour;1000/day")
+@limiter.limit("1/second;30/minute;200/hour;1000/day", key_func=lambda:f'{SITE}-{session.get("lo_user")}')
+@auth_required
+def rescind(v, aid):
+
+	auth = g.db.query(ClientAuth).filter_by(oauth_client = aid, user_id = v.id).one_or_none()
+	if not auth: abort(400)
+	g.db.delete(auth)
+	return {"message": "Authorization revoked!"}
+
+
 @app.post("/api_keys")
 @limiter.limit("1/second;30/minute;200/hour;1000/day")
 @limiter.limit("1/second;30/minute;200/hour;1000/day", key_func=lambda:f'{SITE}-{session.get("lo_user")}')
@@ -260,7 +272,7 @@ def admin_apps_list(v):
 	return render_template("admin/apps.html", v=v, apps=apps)
 
 
-@app.post("/oauth/reroll/<aid>")
+@app.post("/reroll/<aid>")
 @limiter.limit("1/second;30/minute;200/hour;1000/day")
 @limiter.limit("1/second;30/minute;200/hour;1000/day", key_func=lambda:f'{SITE}-{session.get("lo_user")}')
 @auth_required

files/templates/settings_apps.html

@@ -43,7 +43,7 @@
 		</div>
 		<div class="footer">
 			<div class="d-flex">
-				<a role="button" class="btn btn-secondary ml-auto" onclick="post_toast(this,'/oauth/reroll/{{app.id}}', true)">Reroll Client ID</a>
+				<a role="button" class="btn btn-secondary ml-auto" onclick="post_toast(this,'/reroll/{{app.id}}', true)">Reroll Client ID</a>
 				<input type="submit" onclick="disable(this)" class="btn btn-primary ml-2" value="Save Changes">
 			</div>
 		</div>
@@ -109,7 +109,7 @@
 		</div>
 		<div class="footer">
 			<div class="d-flex">
-				<a role="button" class="btn btn-primary ml-auto text-white" onclick="post_toast(this,'/oauth/rescind/{{auth.id}}')">Revoke</a>
+				<a role="button" class="btn btn-primary ml-auto text-white" onclick="post_toast(this,'/rescind/{{auth.application.id}}')">Revoke</a>
 			</div>
 		</div>
 	</div>