From 0dfae21005190e4e2571e05154af98592444344a Mon Sep 17 00:00:00 2001 From: Alice Gaudon Date: Mon, 29 Mar 2021 12:55:20 +0200 Subject: [PATCH] Move auth tokens to dedicated page --- src/controllers/AuthTokenController.ts | 12 +++ .../{desktop-utility.njk => auth-tokens.njk} | 96 ++++++++++--------- views/layouts/base.njk | 1 + 3 files changed, 65 insertions(+), 44 deletions(-) rename views/{desktop-utility.njk => auth-tokens.njk} (94%) diff --git a/src/controllers/AuthTokenController.ts b/src/controllers/AuthTokenController.ts index 837e15b..a452283 100644 --- a/src/controllers/AuthTokenController.ts +++ b/src/controllers/AuthTokenController.ts @@ -3,13 +3,25 @@ import {RequireAuthMiddleware} from "swaf/auth/AuthComponent"; import {Request, Response} from "express"; import AuthToken from "../models/AuthToken"; import {BadRequestError, ForbiddenHttpError, NotFoundHttpError} from "swaf/HttpError"; +import config from "config"; export default class AuthTokenController extends Controller { public routes(): void { + this.get('/auth-tokens', this.getAuthTokens, 'auth-tokens', RequireAuthMiddleware); this.post('/gen-auth-token', this.postGenAuthToken, 'generate-token', RequireAuthMiddleware); this.post('/revoke-auth-token/:id', this.postRevokeAuthToken, 'revoke-token', RequireAuthMiddleware); } + public async getAuthTokens(req: Request, res: Response): Promise { + const allowedDomains = config.get('allowed_url_domains'); + const user = req.as(RequireAuthMiddleware).getUser(); + res.render('auth-tokens', { + allowed_domains: allowedDomains, + default_domain: allowedDomains[config.get('default_url_domain_for_files')], + auth_tokens: await AuthToken.select().where('user_id', user.id).get(), + }); + } + protected async postGenAuthToken(req: Request, res: Response): Promise { const user = req.as(RequireAuthMiddleware).getUser(); const authToken = AuthToken.create({ diff --git a/views/desktop-utility.njk b/views/auth-tokens.njk similarity index 94% rename from views/desktop-utility.njk rename to views/auth-tokens.njk index 55760a5..eb18a2b 100644 --- a/views/desktop-utility.njk +++ b/views/auth-tokens.njk @@ -1,4 +1,53 @@ +{% extends 'layouts/base.njk' %} + +{% set title = app.name + ' - Auth tokens' %} + +{% block body %}
+
+

Auth tokens

+
+ {{ macros.csrf(getCsrfToken) }} + + +
+ + + + + + + + + + + + + + {% for token in auth_tokens %} + + + + + + + + {% endfor %} + +
#SecretCreated atLast used atActions
{{ token.id }} +
+
{{ token.secret }}
+ +
+
{{ token.created_at.toISOString() }}{{ token.used_at.toISOString() }} +
+ + {{ macros.csrf(getCsrfToken) }} +
+
+
+ +

Setup a desktop utility

There may be a desktop client at some point. For now, if you're an advanced user, you can setup @@ -32,8 +81,8 @@

Examples:

upload_file.sh path/to/file
upload_file.sh path/to/file my_very_important_file.png
-
shrink_url.sh https://gitlab.com/ArisuOngaku/ilyli
-
shrink_url.sh https://gitlab.com/ArisuOngaku/ilyli repo
+
shrink_url.sh https://eternae.ink/ashpie/ily.li
+
shrink_url.sh https://eternae.ink/ashpie/ily.li repo

@@ -114,46 +163,5 @@

For examples with curl, please download and review the scripts above.

- -
-

Auth tokens

-
- {{ macros.csrf(getCsrfToken) }} - - -
- - - - - - - - - - - - - - {% for token in auth_tokens %} - - - - - - - - {% endfor %} - -
#SecretCreated atLast used atActions
{{ token.id }} -
-
{{ token.secret }}
- -
-
{{ token.created_at.toISOString() }}{{ token.used_at.toISOString() }} -
- -
-
-
+{% endblock %} diff --git a/views/layouts/base.njk b/views/layouts/base.njk index 7ae68a8..5f377c0 100644 --- a/views/layouts/base.njk +++ b/views/layouts/base.njk @@ -25,6 +25,7 @@ {% endif %}
  • {{ user.name | default('Account') }}