diff --git a/imaginaerraum_door_admin/templates/delete.html b/imaginaerraum_door_admin/templates/delete.html
new file mode 100644
index 0000000..1079e09
--- /dev/null
+++ b/imaginaerraum_door_admin/templates/delete.html
@@ -0,0 +1,27 @@
+{% extends 'base.html' %}
+{% block header %}
+ {% block title %}
Token löschen
{% endblock %}
+
+{% endblock %}
+
+{% block content %}
+
+ Achtung, der Token von NutzerIn '{{ token['name'] }}' wird gelöscht.
+ Bitte zur Bestätigung den Nutzernamen eingeben:
+
+
+{% endblock %}
\ No newline at end of file
diff --git a/imaginaerraum_door_admin/templates/tokens.html b/imaginaerraum_door_admin/templates/tokens.html
index 8060de6..177fa96 100644
--- a/imaginaerraum_door_admin/templates/tokens.html
+++ b/imaginaerraum_door_admin/templates/tokens.html
@@ -22,7 +22,7 @@
-
+
|
{% endfor %}
@@ -39,20 +39,4 @@
{% endfor %}
-
-
{% endblock %}
\ No newline at end of file
diff --git a/imaginaerraum_door_admin/webapp.py b/imaginaerraum_door_admin/webapp.py
index 398514a..0cc77e3 100644
--- a/imaginaerraum_door_admin/webapp.py
+++ b/imaginaerraum_door_admin/webapp.py
@@ -1,9 +1,9 @@
import os
-from flask import Flask, render_template, request, flash, redirect, session
+from flask import Flask, render_template, request, flash, redirect, session, url_for
from flask_wtf import FlaskForm
from wtforms.fields.html5 import DateField, EmailField
from wtforms.fields import StringField, BooleanField
-from wtforms.validators import DataRequired, ValidationError
+from wtforms.validators import DataRequired, ValidationError, EqualTo
from flask_sqlalchemy import SQLAlchemy
from flask_security import Security, SQLAlchemyUserDatastore, auth_required, hash_password, uia_email_mapper
from flask_security.models import fsqla_v2 as fsqla
@@ -36,6 +36,9 @@ class TokenForm(FlaskForm):
active = BooleanField('Aktiv?')
dsgvo = BooleanField('Einwilligung Nutzungsbedingungen erfragt?', validators=[DataRequired()])
+class TokenDeleteForm(FlaskForm):
+ name = StringField('Name', validators=[DataRequired(), EqualTo('name_confirm', 'Name stimmt nicht überein')])
+ name_confirm = StringField('Name confirm')
def uia_username_mapper(identity):
# we allow pretty much anything - but we bleach it.
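Review bot: `name_confirm` in TokenDeleteForm is an ordinary `StringField`, so it is bound from the request like any other field. The `EqualTo('name_confirm', ...)` check is only meaningful because the view overwrites `form.name_confirm.data` with the stored name before calling `validate()`. Nothing in the class states that dependency, so I would add a comment above the field such as `# never trusted from the request: delete_token() overwrites this with the stored token name before validate()`. A later caller that validates without that assignment would compare two client-supplied values. The last two lines of this hunk belong to uia_username_mapper, whose body continues outside the hunk.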
@@ -245,13 +248,16 @@ def create_application(config):
'valid_thru': session['valid_thru'],
'inactive': session['inactive'],
'organization': session['organization']}
- door.store_tokens(tokens)
+ try:
+ door.store_tokens(tokens)
+ except Exception as e:
+ flash(f"Error during store_tokens. Exception: {e}")
return redirect('/tokens')
- @app.route('/delete-token', methods=['POST'])
+ @app.route('/delete-token/', methods=['GET', 'POST'])
@auth_required()
- def delete_token():
+ def delete_token(token):
"""Delete the given token from the token file and store the new token file to disk
Parameters
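Review bot: The new `except Exception as e: flash(f"Error during store_tokens. Exception: {e}")` catches everything, shows the raw exception text in the browser, and writes nothing to the server log. The same pattern is repeated in delete_token and in the deactivate-token hunk further down. Depending on what `door.store_tokens` raises, that text may include file paths or other internals, so I would log it and flash a fixed message instead: `app.logger.exception("store_tokens failed")` followed by `flash("Token-Datei konnte nicht gespeichert werden.")`. Separately, the route string as shown has no `<token>` segment although `delete_token` now takes `token`; this may be an artifact of how the page was rendered, but it is worth confirming. create_application starts before this hunk and delete_token continues past it.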
@@ -259,12 +265,34 @@ def create_application(config):
token : str
The token to delete from the database.
"""
- token = request.form.get('token')
tokens = door.get_tokens()
- if token in tokens: # check if token exists
- tokens.pop(token)
- door.store_tokens(tokens)
- return "success"
+
+ if token in tokens:
+ token_to_delete = tokens[token]
+
+ # set up form for confirming deletion
+ form = TokenDeleteForm()
+ form.name_confirm.data = token_to_delete['name']
+
+ if request.method == 'GET':
+ # return page asking the user to confirm delete
+ return render_template('delete.html', token=token_to_delete, form=form)
+ elif form.validate():
+ # form validation successful -> can delete the token
+ tokens.pop(token)
+ try:
+ door.store_tokens(tokens)
+ except Exception as e:
+ flash(f"Error during store_tokens. Exception: {e}")
+ flash(f"Token {token} wurde gelöscht!")
+ return redirect('/tokens')
+ else:
+ # form validation failed -> return to token overview and flash message
+ flash(f"Der eingegebene Name stimmt nicht überein. Der Token {token} von {token_to_delete['name']} wurde nicht gelöscht.")
+ return redirect('/tokens')
+ else:
+ flash(f'Ungültiger Token {token} für Löschung.')
+ return redirect('/tokens')
@app.route('/deactivate-token/')
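Review bot: In the `elif form.validate():` branch the success message `Token {token} wurde gelöscht!` is flashed even when `door.store_tokens(tokens)` raised, so an admin can be told a door token is gone while it may still be in the stored file. Moving the flash into an `else:` clause of the `try` (`else: flash(f"Token {token} wurde gelöscht!")`) keeps the two outcomes apart. The failure branch also reports every validation failure as a name mismatch, which would include a failed CSRF check from FlaskForm; reading `form.errors` would distinguish them. Since this removes a door credential, a log line recording the token and the acting admin would help later review. delete_token starts in the previous hunk.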
@@ -280,7 +308,10 @@ def create_application(config):
tokens = door.get_tokens()
if token in tokens:
tokens[token]['inactive'] = True
- door.store_tokens(tokens)
+ try:
+ door.store_tokens(tokens)
+ except Exception as e:
+ flash(f"Error during store_tokens. Exception: {e}")
return redirect('/tokens')
@app.route('/open')