removed use of session cookie for token creation and modification
This commit is contained in:
parent
f1eaf8af4e
commit
3caf17c861
|
@ -163,6 +163,7 @@ def promote_admin(username):
|
||||||
db.session.commit()
|
db.session.commit()
|
||||||
return redirect('/manage_admins')
|
return redirect('/manage_admins')
|
||||||
|
|
||||||
|
|
||||||
@door_app.route('/demote_admin/<username>')
|
@door_app.route('/demote_admin/<username>')
|
||||||
@roles_required('super_admin')
|
@roles_required('super_admin')
|
||||||
def demote_admin(username):
|
def demote_admin(username):
|
||||||
|
@ -281,6 +282,26 @@ def token_log():
|
||||||
return redirect('/')
|
return redirect('/')
|
||||||
|
|
||||||
|
|
||||||
|
def store_token(token_data):
|
||||||
|
"""Store token to the token file on disk.
|
||||||
|
|
||||||
|
This will use the token id and the associated data and create/modify a
|
||||||
|
token and store the new token file to disk.
|
||||||
|
"""
|
||||||
|
token = token_data['token']
|
||||||
|
tokens = current_app.door.get_tokens()
|
||||||
|
tokens[token] = {'name': token_data['name'],
|
||||||
|
'email': token_data['email'],
|
||||||
|
'valid_thru': token_data['valid_thru'],
|
||||||
|
'inactive': token_data['inactive'],
|
||||||
|
'organization': token_data['organization']}
|
||||||
|
try:
|
||||||
|
current_app.door.store_tokens(tokens)
|
||||||
|
current_app.logger.info(f"Token {token} stored in database by admin user {current_user.username}")
|
||||||
|
except Exception as e:
|
||||||
|
flash(f"Error during store_tokens. Exception: {e}")
|
||||||
|
|
||||||
|
|
||||||
# routes for registering, editing and deleting tokens
|
# routes for registering, editing and deleting tokens
|
||||||
@door_app.route('/register-token', methods=['GET', 'POST'])
|
@door_app.route('/register-token', methods=['GET', 'POST'])
|
||||||
@roles_required('admin')
|
@roles_required('admin')
|
||||||
|
@ -298,7 +319,7 @@ def register():
|
||||||
recent_token = {}
|
recent_token = {}
|
||||||
if {'token', 'timestamp'}.issubset(set(token.keys())):
|
if {'token', 'timestamp'}.issubset(set(token.keys())):
|
||||||
dt = datetime.utcnow() - token['timestamp']
|
dt = datetime.utcnow() - token['timestamp']
|
||||||
if dt < timedelta(minutes=10):
|
if dt < timedelta(minutes=10):
|
||||||
recent_token = token
|
recent_token = token
|
||||||
recent_token['timedelta_minutes'] = int(dt.total_seconds() / 60.0)
|
recent_token['timedelta_minutes'] = int(dt.total_seconds() / 60.0)
|
||||||
|
|
||||||
|
@ -307,22 +328,19 @@ def register():
|
||||||
# set default valid thru date to today to make sure form validity check passes
|
# set default valid thru date to today to make sure form validity check passes
|
||||||
# (will not be used if limited validity is disabled)
|
# (will not be used if limited validity is disabled)
|
||||||
form.valid_thru.data = date.today()
|
form.valid_thru.data = date.today()
|
||||||
|
|
||||||
return render_template('register.html', token=recent_token, form=form)
|
|
||||||
elif request.method == 'POST' and form.validate():
|
elif request.method == 'POST' and form.validate():
|
||||||
# store data in session cookie
|
token_data = {
|
||||||
session['token'] = current_app.door.get_most_recent_token()['token']
|
'token': current_app.door.get_most_recent_token()['token'],
|
||||||
session['name'] = form.name.data
|
'name': form.name.data, 'email': form.email.data,
|
||||||
session['email'] = form.email.data
|
'organization': form.organization.data,
|
||||||
session['organization'] = form.organization.data
|
'inactive': not form.active.data,
|
||||||
if form.limit_validity.data:
|
'valid_thru': form.valid_thru.data.isoformat() if form.limit_validity.data else ''
|
||||||
session['valid_thru'] = form.valid_thru.data.isoformat()
|
}
|
||||||
else:
|
store_token(token_data)
|
||||||
session['valid_thru'] = ''
|
return redirect('/tokens')
|
||||||
session['inactive'] = not form.active.data
|
|
||||||
return redirect('/store-token')
|
|
||||||
else:
|
else:
|
||||||
return render_template('register.html', token=recent_token, form=form)
|
flash(f'Token konnte nicht registiert werden. Fehler: {form.errors}')
|
||||||
|
return render_template('register.html', token=recent_token, form=form)
|
||||||
|
|
||||||
|
|
||||||
@door_app.route('/edit-token/<token>', methods=['GET', 'POST'])
|
@door_app.route('/edit-token/<token>', methods=['GET', 'POST'])
|
||||||
|
@ -366,44 +384,21 @@ def edit_token(token):
|
||||||
return redirect('/tokens')
|
return redirect('/tokens')
|
||||||
elif request.method == 'POST':
|
elif request.method == 'POST':
|
||||||
if form.validate():
|
if form.validate():
|
||||||
# store data in session cookie
|
# store data in token_data cookie
|
||||||
session['token'] = token
|
token_data = {'token': token,
|
||||||
session['name'] = form.name.data
|
'name': form.name.data,
|
||||||
session['organization'] = form.organization.data
|
'organization': form.organization.data,
|
||||||
session['email'] = form.email.data
|
'email': form.email.data,
|
||||||
if form.limit_validity.data:
|
'inactive': not form.active.data,
|
||||||
session['valid_thru'] = form.valid_thru.data.isoformat()
|
'valid_thru': form.valid_thru.data.isoformat() if form.limit_validity.data else ''
|
||||||
else:
|
}
|
||||||
session['valid_thru'] = ''
|
store_token(token_data)
|
||||||
session['inactive'] = not form.active.data
|
return redirect('/tokens')
|
||||||
return redirect(f'/store-token')
|
|
||||||
else:
|
else:
|
||||||
|
flash(f'Token konnte nicht editiert werden. Fehler: {form.errors}')
|
||||||
return render_template('edit.html', token=token, form=form)
|
return render_template('edit.html', token=token, form=form)
|
||||||
|
|
||||||
|
|
||||||
@door_app.route('/store-token')
|
|
||||||
@roles_required('admin')
|
|
||||||
def store_token():
|
|
||||||
"""Store token to the token file on disk.
|
|
||||||
|
|
||||||
This will use the token id and the associated data stored in the session cookie (filled by register_token() or
|
|
||||||
edit_token()) and create/modify a token and store the new token file to disk.
|
|
||||||
"""
|
|
||||||
token = session['token']
|
|
||||||
tokens = current_app.door.get_tokens()
|
|
||||||
tokens[token] = {'name': session['name'],
|
|
||||||
'email': session['email'],
|
|
||||||
'valid_thru': session['valid_thru'],
|
|
||||||
'inactive': session['inactive'],
|
|
||||||
'organization': session['organization']}
|
|
||||||
try:
|
|
||||||
current_app.door.store_tokens(tokens)
|
|
||||||
current_app.logger.info(f"Token {token} stored in database by admin user {current_user.username}")
|
|
||||||
except Exception as e:
|
|
||||||
flash(f"Error during store_tokens. Exception: {e}")
|
|
||||||
return redirect('/tokens')
|
|
||||||
|
|
||||||
|
|
||||||
@door_app.route('/delete-token/<token>', methods=['GET', 'POST'])
|
@door_app.route('/delete-token/<token>', methods=['GET', 'POST'])
|
||||||
@roles_required('admin')
|
@roles_required('admin')
|
||||||
def delete_token(token):
|
def delete_token(token):
|
||||||
|
|
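Review bot: The new `store_token(token_data)` helper in the second hunk swallows every failure of `current_app.door.store_tokens()` with a broad `except Exception`, flashes the raw exception text, writes nothing to the log, and returns nothing, so both new call sites (`store_token(token_data)` followed by `return redirect('/tokens')` in the register and edit-token hunks) redirect as if the write had succeeded. The failure path should go through `current_app.logger.exception(...)` so the traceback lands in the admin audit log rather than only in a flash message, and the helper should return a boolean that the callers check, e.g. `if not store_token(token_data):` / `    return render_template('register.html', token=recent_token, form=form)` before the redirect (the edit-token caller re-renders `edit.html` the same way). The comment `# store data in token_data cookie` in the edit-token hunk is stale now that the data is a plain dict handed to the helper; `# collect form data for store_token()` describes what the block does. The helper's docstring should also state that it flashes on error and returns whether the token file was written.

```python
def store_token(token_data):
    # … unchanged: docstring and building tokens[token] from token_data …
    try:
        current_app.door.store_tokens(tokens)
    except Exception as e:
        # keep the full traceback in the log; the flash only needs a summary
        current_app.logger.exception("store_tokens failed for token %s", token)
        flash(f"Error during store_tokens. Exception: {e}")
        return False
    current_app.logger.info(f"Token {token} stored in database by admin user {current_user.username}")
    return True
```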