From 987b898a33f13cb2576c82392ca847a28ae87dfc Mon Sep 17 00:00:00 2001 From: Yohann D'ANELLO Date: Mon, 17 Feb 2020 23:30:55 +0100 Subject: [PATCH] Auth token is hidden --- apps/member/views.py | 13 ++++++++----- templates/member/manage_auth_tokens.html | 10 ++++++++-- 2 files changed, 16 insertions(+), 7 deletions(-) diff --git a/apps/member/views.py b/apps/member/views.py index f8f8ec2d..be2d8d58 100644 --- a/apps/member/views.py +++ b/apps/member/views.py @@ -4,6 +4,7 @@ # SPDX-License-Identifier: GPL-3.0-or-later from dal import autocomplete from django.contrib.auth.mixins import LoginRequiredMixin +from django.shortcuts import redirect from django.utils.translation import gettext_lazy as _ from django.views.generic import CreateView, ListView, DetailView, UpdateView, RedirectView, TemplateView from django.contrib.auth.models import User @@ -147,14 +148,16 @@ class ManageAuthTokens(LoginRequiredMixin, TemplateView): model = Token template_name = "member/manage_auth_tokens.html" + def get(self, request, *args, **kwargs): + if 'regenerate' in request.GET and Token.objects.filter(user=request.user).exists(): + Token.objects.get(user=self.request.user).delete() + return redirect(reverse_lazy('member:auth_token') + "?show", permanent=True) + + return super().get(request, *args, **kwargs) + def get_context_data(self, **kwargs): context = super().get_context_data(**kwargs) - - if 'regenerate' in self.request.GET and Token.objects.filter(user=self.request.user).exists(): - Token.objects.get(user=self.request.user).delete() - context['token'] = Token.objects.get_or_create(user=self.request.user)[0] - return context class UserAutocomplete(autocomplete.Select2QuerySetView): diff --git a/templates/member/manage_auth_tokens.html b/templates/member/manage_auth_tokens.html index 4f992915..0103fbbb 100644 --- a/templates/member/manage_auth_tokens.html +++ b/templates/member/manage_auth_tokens.html @@ -13,7 +13,13 @@
- {%trans 'Token' %} : {{ token.key }}
+ {%trans 'Token' %} : + {% if 'show' in request.GET %} + {{ token.key }} (cacher) + {% else %} + caché (montrer) + {% endif %} +
{%trans 'Created' %} : {{ token.created }}
@@ -21,7 +27,7 @@ Attention : regénérer le jeton va révoquer tout accès autorisé à l'API via ce jeton ! - + {% endblock %}