Commit 2088e144 authored by Teemu Autto's avatar Teemu Autto

Page for access token creation.

parent f7129c76
1 merge request!70Tokens
from datetime import datetime
import functools
import logging
......@@ -11,11 +12,11 @@ from flask_login import (
login_required,
current_user,
)
from flask_babel import _
from werkzeug.security import check_password_hash, generate_password_hash
from sentry_sdk import set_user
from .models import User, Item
from .models import AccessToken, User, Item
from mongoengine import DoesNotExist
......@@ -183,3 +184,40 @@ def profile(email):
items = Item.objects(seller=user).all()
return render_template('auth/profile.html', user=user, items=items)
@bp.route('/profile/<email>/token', methods=('GET', 'POST'))
@login_required
def user_access_tokens(email):
"""
Show the user's tokens page for the given email.
"""
user: User = get_user_by_email(email)
token = None
if request.method == 'POST':
try:
name = request.form['name']
if expires := request.form.get('expires'):
expires = datetime.fromisoformat(expires)
else:
expires = None
token = AccessToken(
user=user,
name=name,
expires=expires,
)
token.save()
except KeyError as exc:
logger.debug("Missing required field: %s", exc)
flash(_("Required field missing"))
except Exception as exc:
logger.exception("Error creating token: %s", exc)
flash(_("Error creating token: %s") % exc)
else:
flash(_("Created token: %s") % token.name)
return render_template('auth/tokens.html', user=user, token=token)
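Review bot: `user_access_tokens` creates the token for whichever account `get_user_by_email(email)` returns, and the only guard visible in this hunk is `@login_required`, which proves that someone is signed in but not that they own the `<email>` in the URL. `get_user_by_email` is defined outside the hunk, so it may already restrict the lookup to `current_user`; if it does not, a signed-in user could be issued an API token bound to another account. I would make the ownership check explicit before the POST branch, e.g. `if user.id != current_user.id: abort(403)` (importing `abort` from flask if the module does not already). Separately, `flash(_("Error creating token: %s") % exc)` shows raw exception text in the browser; `logger.exception` already records it, so a generic message is enough for the user.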
{% extends 'base.html' %}
{% block header %}
<h1>{% block title %}Access tokens{% endblock %}</h1>
{% endblock %}
{% block content %}
<div class="container">
<div class="row">
<div class="col-md-4">
<h4>{{_("Personal Access Tokens")}}</h4>
<p>
{%trans%}Personal access tokens allow third-party services to authenticate with our application on your behalf.{%endtrans%}
</p>
</div>
<div class="col-md-8">
{% if token %}
<div class="alert alert-success" role="alert">
<h4 class="alert-heading">{{_("Your new personal access token")}}</h4>
<p>
{%trans%}Your new personal access token is shown below. You may now use this token to make API requests.{%endtrans%}
</p>
<div class="input-group mb-3">
<input type="text" class="form-control" id="token" value="{{ token.token }}" readonly>
<button class="btn btn-outline-secondary" type="button" id="copy-token" onclick="copyToken()">{{_("Copy")}}</button>
<script>
function copyToken() {
var copyText = document.getElementById("token");
copyText.select();
copyText.setSelectionRange(0, 99999);
document.execCommand("copy");
}
</script>
</div>
<small class="form-text text-muted">{{ _("Make sure to copy your new token now. You won't be able to see it again!") }}</small>
<hr>
</div>
{% endif %}
<div class="card">
<div class="card-header">
<div class="text-center">{{ _("Create access token") }}</div>
</div>
<form action="{{url_for('auth.user_access_tokens', email='me')}}" method="post" class="card-body">
<div class="form-group">
<label for="name">{{ _("Name") }}</label>
<input type="text" class="form-control" name="name" id="name" placeholder="{{ _(" Enter token name") }}">
<div class="form-text text-muted">{{ _("Give your token a descriptive name so you can easily identify it in the future.") }}</div>
</div>
<div class="form-group">
<label class="form-check-label" for="expires">{{ _("Expires at") }}</label>
<input type="date" class="form-control" name="expires" id="expires">
<div class="form-text text-muted">{{ _("Leave blank to never expire.") }}</div>
</div>
<button type="submit" class="btn btn-primary">{{ _("Create access token") }}</button>
</form>
</div>
</div>
</div>
</div>
{% endblock %}
\ No newline at end of file
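Review bot: The create form (`<form action="{{url_for('auth.user_access_tokens', email='me')}}" method="post" class="card-body">`) has no CSRF token field, yet it drives a state-changing request that issues a credential. Whether CSRF protection is configured for the app is not visible in this commit; if Flask-WTF's `CSRFProtect` is in use, add `<input type="hidden" name="csrf_token" value="{{ csrf_token() }}">` inside the form, otherwise the endpoint needs an equivalent check. The new token is also written into the page as the `value` of `#token`, so the POST response should be sent with `Cache-Control: no-store` to keep the secret out of browser and proxy caches. As a style point, `document.execCommand("copy")` is deprecated and `navigator.clipboard.writeText(copyText.value)` is the current API.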