fdfd
Aevann1
parent
518509be78
commit
624a2e1161
|
|
@ -7,29 +7,22 @@ from .submission import Submission
|
|||
from .comment import Comment
|
||||
from drama.__main__ import Base
|
||||
|
||||
|
||||
class OauthApp(Base, Stndrd):
|
||||
|
||||
__tablename__ = "oauth_apps"
|
||||
|
||||
id = Column(Integer, primary_key=True)
|
||||
client_id = Column(String(64))
|
||||
client_secret = Column(String(128))
|
||||
app_name = Column(String(50))
|
||||
redirect_uri = Column(String(4096))
|
||||
author_id = Column(Integer, ForeignKey("users.id"))
|
||||
is_banned = Column(Boolean, default=False)
|
||||
description = Column(String(256))
|
||||
|
||||
author = relationship("User")
|
||||
|
||||
def __repr__(self):
|
||||
return f"<OauthApp(id={self.id})>"
|
||||
def __repr__(self): return f"<OauthApp(id={self.id})>"
|
||||
|
||||
@property
|
||||
def permalink(self):
|
||||
def permalink(self): return f"/admin/app/{self.id}"
|
||||
|
||||
return f"/admin/app/{self.id}"
|
||||
|
||||
def idlist(self, page=1, **kwargs):
|
||||
|
||||
|
|
@ -51,41 +44,12 @@ class OauthApp(Base, Stndrd):
|
|||
|
||||
return [x[0] for x in posts.all()]
|
||||
|
||||
|
||||
|
||||
|
||||
class ClientAuth(Base, Stndrd):
|
||||
|
||||
__tablename__ = "client_auths"
|
||||
|
||||
id = Column(Integer, primary_key=True)
|
||||
oauth_client = Column(Integer, ForeignKey("oauth_apps.id"))
|
||||
oauth_code = Column(String(128))
|
||||
user_id = Column(Integer, ForeignKey("users.id"))
|
||||
scope_identity = Column(Boolean, default=False)
|
||||
scope_create = Column(Boolean, default=False)
|
||||
scope_read = Column(Boolean, default=False)
|
||||
scope_update = Column(Boolean, default=False)
|
||||
scope_delete = Column(Boolean, default=False)
|
||||
scope_vote = Column(Boolean, default=False)
|
||||
access_token = Column(String(128))
|
||||
refresh_token = Column(String(128))
|
||||
access_token_expire_utc = Column(Integer)
|
||||
|
||||
user = relationship("User", lazy="joined")
|
||||
application = relationship("OauthApp", lazy="joined")
|
||||
|
||||
@property
|
||||
def scopelist(self):
|
||||
|
||||
output = ""
|
||||
output += "identity," if self.scope_identity else ""
|
||||
output += "create," if self.scope_create else ""
|
||||
output += "read," if self.scope_read else ""
|
||||
output += "update," if self.scope_update else ""
|
||||
output += "delete," if self.scope_delete else ""
|
||||
output += "vote," if self.scope_vote else ""
|
||||
|
||||
output = output.rstrip(',')
|
||||
|
||||
return output
|
||||
application = relationship("OauthApp", lazy="joined")
|
||||
|
|
@ -11,7 +11,6 @@ def authorize_prompt(v):
|
|||
client_id = request.args.get("client_id")
|
||||
application = g.db.query(OauthApp).filter_by(client_id=client_id).first()
|
||||
if not application: return {"oauth_error": "Invalid `client_id`"}, 401
|
||||
if application.is_banned: return {"oauth_error": f"Application `{application.app_name}` is suspended."}, 403
|
||||
return render_template("oauth.html", v=v, application=application)
|
||||
|
||||
|
||||
|
|
@ -23,7 +22,6 @@ def authorize(v):
|
|||
client_id = request.form.get("client_id")
|
||||
application = g.db.query(OauthApp).filter_by(client_id=client_id).first()
|
||||
if not application: return {"oauth_error": "Invalid `client_id`"}, 401
|
||||
if application.is_banned: return {"oauth_error": f"Application `{application.app_name}` is suspended."}, 403
|
||||
access_token = secrets.token_urlsafe(128)[:128]
|
||||
new_auth = ClientAuth(
|
||||
oauth_client = application.id,
|
||||
|
|
@ -97,8 +95,6 @@ def admin_app_approve(v, aid):
|
|||
app = g.db.query(OauthApp).filter_by(id=aid).first()
|
||||
|
||||
app.client_id = secrets.token_urlsafe(64)[:64]
|
||||
app.client_secret = secrets.token_urlsafe(128)[:128]
|
||||
|
||||
g.db.add(app)
|
||||
|
||||
access_token = secrets.token_urlsafe(128)[:128]
|
||||
|
|
@ -122,15 +118,14 @@ def admin_app_revoke(v, aid):
|
|||
|
||||
app = g.db.query(OauthApp).filter_by(id=aid).first()
|
||||
|
||||
app.client_id = None
|
||||
app.client_secret = None
|
||||
for auth in g.db.query(ClientAuth).filter_by(oauth_client=app.id).all(): g.db.delete(auth)
|
||||
|
||||
g.db.add(app)
|
||||
g.db.flush()
|
||||
send_notification(1046, app.author, f"Your application `{app.app_name}` has been revoked.")
|
||||
|
||||
u = get_account(app.author_id, v=v)
|
||||
send_notification(1046, u, f"Your application `{app.app_name}` has been revoked.")
|
||||
g.db.delete(app)
|
||||
|
||||
return {"message": f"{app.app_name} revoked"}
|
||||
return {"message": f"App revoked"}
|
||||
|
||||
|
||||
@app.post("/admin/app/reject/<aid>")
|
||||
|
|
@ -140,16 +135,14 @@ def admin_app_reject(v, aid):
|
|||
|
||||
app = g.db.query(OauthApp).filter_by(id=aid).first()
|
||||
|
||||
for auth in g.db.query(ClientAuth).filter_by(oauth_client=app.id).all():
|
||||
g.db.delete(auth)
|
||||
for auth in g.db.query(ClientAuth).filter_by(oauth_client=app.id).all(): g.db.delete(auth)
|
||||
|
||||
g.db.flush()
|
||||
u = get_account(app.author_id, v=v)
|
||||
send_notification(1046, u, f"Your application `{app.app_name}` has been rejected.")
|
||||
send_notification(1046, app.author, f"Your application `{app.app_name}` has been rejected.")
|
||||
|
||||
g.db.delete(app)
|
||||
|
||||
return {"message": f"{app.app_name} rejected"}
|
||||
return {"message": f"App rejected"}
|
||||
|
||||
|
||||
@app.get("/admin/app/<aid>")
|
||||
|
|
|
|||
|
|
@ -32,7 +32,7 @@
|
|||
</div>
|
||||
<div class="footer">
|
||||
<div class="d-flex">
|
||||
{% if not app.client_secret%}
|
||||
{% if not app.client_id%}
|
||||
|
||||
<a href="javascript:void(0)" class="btn btn-primary ml-auto" onclick="post_toast('/admin/app/approve/{{app.id}}')">Approve</a>
|
||||
<a href="javascript:void(0)" class="btn btn-secondary mr-0" onclick="post_toast('/admin/app/reject/{{app.id}}')">Reject</a>
|
||||
|
|
|
|||
|
|
@ -23,7 +23,7 @@
|
|||
<label for="edit-{{app.id}}-name" class="mb-0 w-lg-25">App Name</label>
|
||||
<input id="edit-{{app.id}}-name" class="form-control" type="text" name="name" value="{{app.app_name}}" readonly=readonly>
|
||||
|
||||
{% if app.client_secret %}
|
||||
{% if app.client_id %}
|
||||
<label for="edit-{{app.id}}-client-id" class="mb-0 w-lg-25">Client ID</label>
|
||||
<input id="edit-{{app.id}}-client-id" class="form-control" type="text" name="name" value="{{app.client_id}}" readonly="readonly">
|
||||
{% endif %}
|
||||
|
|
@ -37,7 +37,7 @@
|
|||
</div>
|
||||
<div class="footer">
|
||||
<div class="d-flex">
|
||||
{% if not app.client_secret %}
|
||||
{% if not app.client_id %}
|
||||
|
||||
<a href="javascript:void(0)" class="btn btn-primary ml-auto" onclick="post_toast('/admin/app/approve/{{app.id}}')">Approve</a>
|
||||
<a href="javascript:void(0)" class="btn btn-secondary mr-0" onclick="post_toast('/admin/app/reject/{{app.id}}')">Reject</a>
|
||||
|
|
|
|||
|
|
@ -17,7 +17,7 @@
|
|||
|
||||
<h2 class="h5">Your API Applications</h2>
|
||||
|
||||
{% for app in v.applications if app.client_secret %}
|
||||
{% for app in v.applications if app.client_id %}
|
||||
|
||||
<form id="edit-app-{{app.id}}" action="/edit_app/{{app.id}}" method="post">
|
||||
<div class="settings-section rounded">
|
||||
|
|
@ -50,7 +50,7 @@
|
|||
|
||||
<h2 class="h5">API Applications Awaiting Approval</h2>
|
||||
|
||||
{% for app in v.applications if not app.client_secret %}
|
||||
{% for app in v.applications if not app.client_id %}
|
||||
|
||||
<form id="edit-app-{{app.id}}" action="/edit_app/{{app.id}}" method="post">
|
||||
<div class="settings-section rounded">
|
||||
|
|
@ -92,7 +92,6 @@
|
|||
<div class="body w-lg-100">
|
||||
<input type="hidden" name="formkey" value="{{v.formkey}}">
|
||||
<label class="mb-0 w-lg-25">Permissions</label>
|
||||
<input class="form-control" type="text" name="name" value="{{auth.scopelist}}" readonly="readonly">
|
||||
<label class="mb-0 w-lg-25">Description</label>
|
||||
<textarea class="form-control" name="description" maxlength="256" readonly="readonly">{{auth.application.description}}</textarea>
|
||||
</div>
|
||||
|
|
|
|||
Loading…
Reference in New Issue