removed use of session cookie for token creation and modification

2022-01-30 23:08:18 +01:00 · 2022-01-30 23:08:18 +01:00 · 3caf17c861
commit 3caf17c861
parent f1eaf8af4e
1 changed files with 44 additions and 49 deletions
--- a/imaginaerraum_door_admin/webapp.py
+++ b/imaginaerraum_door_admin/webapp.py
@ -163,6 +163,7 @@ def promote_admin(username):
    db.session.commit()
    return redirect('/manage_admins')

+
@door_app.route('/demote_admin/<username>')
@roles_required('super_admin')
 def demote_admin(username):
@ -281,6 +282,26 @@ def token_log():
        return redirect('/')


+def store_token(token_data):
+    """Store token to the token file on disk.
+
+    This will use the token id and the associated data and create/modify a
+    token and store the new token file to disk.
+    """
+    token = token_data['token']
+    tokens = current_app.door.get_tokens()
+    tokens[token] = {'name': token_data['name'],
+                     'email': token_data['email'],
+                     'valid_thru': token_data['valid_thru'],
+                     'inactive': token_data['inactive'],
+                     'organization': token_data['organization']}
+    try:
+        current_app.door.store_tokens(tokens)
+        current_app.logger.info(f"Token {token} stored in database by admin user {current_user.username}")
+    except Exception as e:
+        flash(f"Error during store_tokens. Exception: {e}")
+
+
 # routes for registering, editing and deleting tokens
@door_app.route('/register-token', methods=['GET', 'POST'])
@roles_required('admin')
@ -307,21 +328,18 @@ def register():
        # set default valid thru date to today to make sure form validity check passes
        # (will not be used if limited validity is disabled)
        form.valid_thru.data = date.today()
-
-        return render_template('register.html', token=recent_token, form=form)
    elif request.method == 'POST' and form.validate():
-        # store data in session cookie
-        session['token'] = current_app.door.get_most_recent_token()['token']
-        session['name'] = form.name.data
-        session['email'] = form.email.data
-        session['organization'] = form.organization.data
-        if form.limit_validity.data:
-            session['valid_thru'] = form.valid_thru.data.isoformat()
-        else:
-            session['valid_thru'] = ''
-        session['inactive'] = not form.active.data
-        return redirect('/store-token')
+        token_data = {
+            'token': current_app.door.get_most_recent_token()['token'],
+            'name': form.name.data, 'email': form.email.data,
+            'organization': form.organization.data,
+            'inactive': not form.active.data,
+            'valid_thru': form.valid_thru.data.isoformat() if form.limit_validity.data else ''
+        }
+        store_token(token_data)
+        return redirect('/tokens')
    else:
+        flash(f'Token konnte nicht registiert werden. Fehler: {form.errors}')
    return render_template('register.html', token=recent_token, form=form)


@ -366,42 +384,19 @@ def edit_token(token):
            return redirect('/tokens')
    elif request.method == 'POST':
        if form.validate():
-            # store data in session cookie
-            session['token'] = token
-            session['name'] = form.name.data
-            session['organization'] = form.organization.data
-            session['email'] = form.email.data
-            if form.limit_validity.data:
-                session['valid_thru'] = form.valid_thru.data.isoformat()
-            else:
-                session['valid_thru'] = ''
-            session['inactive'] = not form.active.data
-            return redirect(f'/store-token')
-        else:
-            return render_template('edit.html', token=token, form=form)
-
-
-@door_app.route('/store-token')
-@roles_required('admin')
-def store_token():
-    """Store token to the token file on disk.
-
-    This will use the token id and the associated data stored in the session cookie (filled by register_token() or
-     edit_token()) and create/modify a token and store the new token file to disk.
-    """
-    token = session['token']
-    tokens = current_app.door.get_tokens()
-    tokens[token] = {'name': session['name'],
-                     'email': session['email'],
-                     'valid_thru': session['valid_thru'],
-                     'inactive': session['inactive'],
-                     'organization': session['organization']}
-    try:
-        current_app.door.store_tokens(tokens)
-        current_app.logger.info(f"Token {token} stored in database by admin user {current_user.username}")
-    except Exception as e:
-        flash(f"Error during store_tokens. Exception: {e}")
+            # store data in token_data cookie
+            token_data = {'token': token,
+                          'name': form.name.data,
+                          'organization': form.organization.data,
+                          'email': form.email.data,
+                          'inactive': not form.active.data,
+                          'valid_thru': form.valid_thru.data.isoformat() if form.limit_validity.data else ''
+                          }
+            store_token(token_data)
            return redirect('/tokens')
+        else:
+            flash(f'Token konnte nicht editiert werden. Fehler: {form.errors}')
+            return render_template('edit.html', token=token, form=form)


@door_app.route('/delete-token/<token>', methods=['GET', 'POST'])