forked from Github-Mirrors/canaille
b4908d5e57
This will help providing the very same user experience for users with and without javascript. We will still be able to re-enable javascript modals in the future, but this should be done from the ground up, HTML first and javascript after.
52 lines
1.6 KiB
Python
52 lines
1.6 KiB
Python
import datetime
|
|
|
|
from canaille.app import models
|
|
from canaille.app.flask import permissions_needed
|
|
from canaille.app.flask import render_htmx_template
|
|
from canaille.app.forms import TableForm
|
|
from canaille.oidc.forms import TokenRevokationForm
|
|
from flask import abort
|
|
from flask import Blueprint
|
|
from flask import flash
|
|
from flask import request
|
|
from flask_babel import gettext as _
|
|
from flask_themer import render_template
|
|
|
|
bp = Blueprint("tokens", __name__, url_prefix="/admin/token")
|
|
|
|
|
|
@bp.route("/", methods=["GET", "POST"])
|
|
@permissions_needed("manage_oidc")
|
|
def index(user):
|
|
table_form = TableForm(models.Token, formdata=request.form)
|
|
if request.form and request.form.get("page") and not table_form.validate():
|
|
abort(404)
|
|
|
|
return render_htmx_template(
|
|
"oidc/admin/token_list.html", menuitem="admin", table_form=table_form
|
|
)
|
|
|
|
|
|
@bp.route("/<token:token>", methods=["GET", "POST"])
|
|
@permissions_needed("manage_oidc")
|
|
def view(user, token):
|
|
form = TokenRevokationForm(request.form or None)
|
|
|
|
if request.form and form.validate():
|
|
if request.form.get("action") == "confirm-revoke":
|
|
return render_template("modals/revoke-token.html", token=token)
|
|
|
|
elif request.form.get("action") == "revoke":
|
|
token.revokation_date = datetime.datetime.now(datetime.timezone.utc)
|
|
token.save()
|
|
flash(_("The token has successfully been revoked."), "success")
|
|
|
|
else:
|
|
abort(400, f"bad form action: {request.form.get('action')}")
|
|
|
|
return render_template(
|
|
"oidc/admin/token_view.html",
|
|
token=token,
|
|
menuitem="admin",
|
|
form=form,
|
|
)
|