canaille-globuzma/canaille/oidc/tokens.py

import datetime

from canaille.app import models
from canaille.app.flask import permissions_needed
from canaille.app.flask import render_htmx_template
from canaille.app.forms import TableForm
from canaille.oidc.forms import TokenRevokationForm
from flask import abort
from flask import Blueprint
from flask import flash
from flask import request
from flask_babel import gettext as _
from flask_themer import render_template

bp = Blueprint("tokens", __name__, url_prefix="/admin/token")


@bp.route("/", methods=["GET", "POST"])
@permissions_needed("manage_oidc")
def index(user):
    table_form = TableForm(models.Token, formdata=request.form)
    if request.form and request.form.get("page") and not table_form.validate():
        abort(404)

    return render_htmx_template(
        "oidc/admin/token_list.html", menuitem="admin", table_form=table_form
    )


@bp.route("/<token:token>", methods=["GET", "POST"])
@permissions_needed("manage_oidc")
def view(user, token):
    form = TokenRevokationForm(request.form or None)

    if request.form and form.validate():
        if request.form.get("action") == "confirm-revoke":
            return render_template("modals/revoke-token.html", token=token)

        elif request.form.get("action") == "revoke":
            token.revokation_date = datetime.datetime.now(datetime.timezone.utc)
            token.save()
            flash(_("The token has successfully been revoked."), "success")

        else:
            abort(400, f"bad form action: {request.form.get('action')}")

    return render_template(
        "oidc/admin/token_view.html",
        token=token,
        menuitem="admin",
        form=form,
    )
Implements admin token deletion 2023-02-04 17:41:49 +00:00			`import datetime`

Moved every model import to canaille.models 2023-04-09 09:37:04 +00:00			`from canaille.app import models`
'app' submodule 2023-04-09 13:52:55 +00:00			`from canaille.app.flask import permissions_needed`
			`from canaille.app.flask import render_htmx_template`
			`from canaille.app.forms import TableForm`
modals are HTML pages instead of JS elements This will help providing the very same user experience for users with and without javascript. We will still be able to re-enable javascript modals in the future, but this should be done from the ground up, HTML first and javascript after. 2023-07-06 16:43:37 +00:00			`from canaille.oidc.forms import TokenRevokationForm`
fix: handle token not found in token view 2022-03-03 09:05:14 +00:00			`from flask import abort`
use flask-themer to allow theme customization 2021-10-28 13:24:34 +00:00			`from flask import Blueprint`
Implements admin token deletion 2023-02-04 17:41:49 +00:00			`from flask import flash`
Every list of items is paginated server-side. 2023-02-25 17:11:19 +00:00			`from flask import request`
Implements admin token deletion 2023-02-04 17:41:49 +00:00			`from flask_babel import gettext as _`
use flask-themer to allow theme customization 2021-10-28 13:24:34 +00:00			`from flask_themer import render_template`
Draft for a 'my accesses' page 2020-08-26 15:23:53 +00:00
split oidc code from the rest 2022-01-11 18:49:06 +00:00			`bp = Blueprint("tokens", __name__, url_prefix="/admin/token")`
Draft for a 'my accesses' page 2020-08-26 15:23:53 +00:00

Every list of items is paginated server-side. 2023-02-25 17:11:19 +00:00			`@bp.route("/", methods=["GET", "POST"])`
Permissions overhaul 2021-12-02 17:23:14 +00:00			`@permissions_needed("manage_oidc")`
admin_needed passes the user 2020-10-29 10:09:31 +00:00			`def index(user):`
Moved every model import to canaille.models 2023-04-09 09:37:04 +00:00			`table_form = TableForm(models.Token, formdata=request.form)`
Every list of items is paginated server-side. 2023-02-25 17:11:19 +00:00			`if request.form and request.form.get("page") and not table_form.validate():`
			`abort(404)`

Dynamic tables with htmx - Search is triggered with user inputs - Page changes are triggered with clicks 2023-03-09 16:41:26 +00:00			`return render_htmx_template(`
Every list of items is paginated server-side. 2023-02-25 17:11:19 +00:00			`"oidc/admin/token_list.html", menuitem="admin", table_form=table_form`
split oidc code from the rest 2022-01-11 18:49:06 +00:00			`)`
Draft for a 'my accesses' page 2020-08-26 15:23:53 +00:00

Implements flask OIDC converters 2023-06-29 10:15:12 +00:00			`@bp.route("/<token:token>", methods=["GET", "POST"])`
Permissions overhaul 2021-12-02 17:23:14 +00:00			`@permissions_needed("manage_oidc")`
Implements flask OIDC converters 2023-06-29 10:15:12 +00:00			`def view(user, token):`
modals are HTML pages instead of JS elements This will help providing the very same user experience for users with and without javascript. We will still be able to re-enable javascript modals in the future, but this should be done from the ground up, HTML first and javascript after. 2023-07-06 16:43:37 +00:00			`form = TokenRevokationForm(request.form or None)`

			`if request.form and form.validate():`
			`if request.form.get("action") == "confirm-revoke":`
			`return render_template("modals/revoke-token.html", token=token)`

			`elif request.form.get("action") == "revoke":`
			`token.revokation_date = datetime.datetime.now(datetime.timezone.utc)`
			`token.save()`
			`flash(_("The token has successfully been revoked."), "success")`

			`else:`
			`abort(400, f"bad form action: {request.form.get('action')}")`

improved token admin page template 2022-02-03 08:51:04 +00:00			`return render_template(`
			`"oidc/admin/token_view.html",`
			`token=token,`
			`menuitem="admin",`
modals are HTML pages instead of JS elements This will help providing the very same user experience for users with and without javascript. We will still be able to re-enable javascript modals in the future, but this should be done from the ground up, HTML first and javascript after. 2023-07-06 16:43:37 +00:00			`form=form,`
improved token admin page template 2022-02-03 08:51:04 +00:00			`)`