removed use of session cookie for token creation and modification

This commit is contained in:
Simon Pirkelmann 2022-01-30 23:08:18 +01:00
parent f1eaf8af4e
commit 3caf17c861


@ -163,6 +163,7 @@ def promote_admin(username):
db.session.commit()
return redirect('/manage_admins')
@door_app.route('/demote_admin/<username>')
@roles_required('super_admin')
def demote_admin(username):
@ -281,6 +282,26 @@ def token_log():
return redirect('/')
def store_token(token_data):
"""Store token to the token file on disk.
This will use the token id and the associated data and create/modify a
token and store the new token file to disk.
"""
token = token_data['token']
tokens = current_app.door.get_tokens()
tokens[token] = {'name': token_data['name'],
'email': token_data['email'],
'valid_thru': token_data['valid_thru'],
'inactive': token_data['inactive'],
'organization': token_data['organization']}
try:
current_app.door.store_tokens(tokens)
current_app.logger.info(f"Token {token} stored in database by admin user {current_user.username}")
except Exception as e:
flash(f"Error during store_tokens. Exception: {e}")
# routes for registering, editing and deleting tokens
@door_app.route('/register-token', methods=['GET', 'POST'])
@roles_required('admin')
@ -298,7 +319,7 @@ def register():
recent_token = {}
if {'token', 'timestamp'}.issubset(set(token.keys())):
dt = datetime.utcnow() - token['timestamp']
if dt < timedelta(minutes=10):
if dt < timedelta(minutes=10):
recent_token = token
recent_token['timedelta_minutes'] = int(dt.total_seconds() / 60.0)
@ -307,22 +328,19 @@ def register():
# set default valid thru date to today to make sure form validity check passes
# (will not be used if limited validity is disabled)
form.valid_thru.data = date.today()
return render_template('register.html', token=recent_token, form=form)
elif request.method == 'POST' and form.validate():
# store data in session cookie
session['token'] = current_app.door.get_most_recent_token()['token']
session['name'] = form.name.data
session['email'] = form.email.data
session['organization'] = form.organization.data
if form.limit_validity.data:
session['valid_thru'] = form.valid_thru.data.isoformat()
else:
session['valid_thru'] = ''
session['inactive'] = not form.active.data
return redirect('/store-token')
token_data = {
'token': current_app.door.get_most_recent_token()['token'],
'name': form.name.data, 'email': form.email.data,
'organization': form.organization.data,
'inactive': not form.active.data,
'valid_thru': form.valid_thru.data.isoformat() if form.limit_validity.data else ''
}
store_token(token_data)
return redirect('/tokens')
else:
return render_template('register.html', token=recent_token, form=form)
flash(f'Token konnte nicht registiert werden. Fehler: {form.errors}')
return render_template('register.html', token=recent_token, form=form)
@door_app.route('/edit-token/<token>', methods=['GET', 'POST'])
@ -366,44 +384,21 @@ def edit_token(token):
return redirect('/tokens')
elif request.method == 'POST':
if form.validate():
# store data in session cookie
session['token'] = token
session['name'] = form.name.data
session['organization'] = form.organization.data
session['email'] = form.email.data
if form.limit_validity.data:
session['valid_thru'] = form.valid_thru.data.isoformat()
else:
session['valid_thru'] = ''
session['inactive'] = not form.active.data
return redirect(f'/store-token')
# store data in token_data cookie
token_data = {'token': token,
'name': form.name.data,
'organization': form.organization.data,
'email': form.email.data,
'inactive': not form.active.data,
'valid_thru': form.valid_thru.data.isoformat() if form.limit_validity.data else ''
}
store_token(token_data)
return redirect('/tokens')
else:
flash(f'Token konnte nicht editiert werden. Fehler: {form.errors}')
return render_template('edit.html', token=token, form=form)
@door_app.route('/store-token')
@roles_required('admin')
def store_token():
"""Store token to the token file on disk.
This will use the token id and the associated data stored in the session cookie (filled by register_token() or
edit_token()) and create/modify a token and store the new token file to disk.
"""
token = session['token']
tokens = current_app.door.get_tokens()
tokens[token] = {'name': session['name'],
'email': session['email'],
'valid_thru': session['valid_thru'],
'inactive': session['inactive'],
'organization': session['organization']}
try:
current_app.door.store_tokens(tokens)
current_app.logger.info(f"Token {token} stored in database by admin user {current_user.username}")
except Exception as e:
flash(f"Error during store_tokens. Exception: {e}")
return redirect('/tokens')
@door_app.route('/delete-token/<token>', methods=['GET', 'POST'])
@roles_required('admin')
def delete_token(token):
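Review bot: In the register() POST branch the token written to disk is whatever `current_app.door.get_most_recent_token()['token']` returns at submit time, with no check that a token was actually seen recently — the ten-minute window computed into `recent_token` a few lines earlier only governs what the GET page displays, so a stale or empty most-recent entry is still bound to the submitted name, e-mail and organization. Guarding the POST path with `if not recent_token:` / `flash('Kein kürzlich gelesenes Token vorhanden.')` / `return render_template('register.html', token=recent_token, form=form)` before building `token_data` would reject that case; if the form can also carry the displayed token id back, comparing it against the most-recent token would additionally catch a card presented between page load and submit, but the form class is not visible here. Separately, the new store_token() catches a broad `Exception`, flashes the raw exception text to the browser and returns normally, after which both callers redirect to `/tokens` as if the write had succeeded; consider `current_app.logger.exception("store_tokens failed for token %s", token)` plus a boolean return so the callers can re-render the form instead of redirecting. The bodies of register() and edit_token() begin outside the hunks shown.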