diff --git a/files/routes/oauth.py b/files/routes/oauth.py
index 522856034..e48a6ea42 100644
--- a/files/routes/oauth.py
+++ b/files/routes/oauth.py
@@ -38,6 +38,18 @@ def authorize(v):
 return redirect(f"{application.redirect_uri}?token={access_token}")
+@app.post("/rescind/")
+@limiter.limit("1/second;30/minute;200/hour;1000/day")
+@limiter.limit("1/second;30/minute;200/hour;1000/day", key_func=lambda:f'{SITE}-{session.get("lo_user")}')
+@auth_required
+def rescind(v, aid):
+
+ auth = g.db.query(ClientAuth).filter_by(oauth_client = aid, user_id = v.id).one_or_none()
+ if not auth: abort(400)
+ g.db.delete(auth)
+ return {"message": "Authorization revoked!"}
+
+
 @app.post("/api_keys")
 @limiter.limit("1/second;30/minute;200/hour;1000/day")
 @limiter.limit("1/second;30/minute;200/hour;1000/day", key_func=lambda:f'{SITE}-{session.get("lo_user")}')
@@ -260,7 +272,7 @@ def admin_apps_list(v):
 return render_template("admin/apps.html", v=v, apps=apps)
-@app.post("/oauth/reroll/")
+@app.post("/reroll/")
 @limiter.limit("1/second;30/minute;200/hour;1000/day")
 @limiter.limit("1/second;30/minute;200/hour;1000/day", key_func=lambda:f'{SITE}-{session.get("lo_user")}')
 @auth_required
diff --git a/files/templates/settings_apps.html b/files/templates/settings_apps.html
index 6626dfede..efc6b78ec 100644
--- a/files/templates/settings_apps.html
+++ b/files/templates/settings_apps.html
@@ -43,7 +43,7 @@
@@ -109,7 +109,7 @@
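Review bot: `rescind(v, aid)` expects `aid` from the URL, but the route is printed as `"/rescind/"` with no path variable (the `/reroll/` route in the second hunk is printed the same way); if that is not a rendering artifact, the view can never receive `aid`, and if it is, the variable looks untyped. Assuming `ClientAuth.oauth_client` is an integer key, a typed converter such as `@app.post("/rescind/<int:aid>")` rejects malformed ids at routing instead of handing them to the query. The `user_id = v.id` filter is what stops one user from revoking another user's authorization, so it deserves a comment, e.g. `# scope to the caller: never look up ClientAuth by aid alone`. No commit or flush follows `g.db.delete(auth)` in the hunk, so confirm the request teardown commits the session; otherwise the response reports "Authorization revoked!" while the stored authorization, and presumably its token, remains usable.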