mirror of
https://gitlab.crans.org/bde/nk20
synced 2024-11-26 18:37:12 +00:00
Auth token is hidden
This commit is contained in:
parent
b7383b35f7
commit
987b898a33
@ -4,6 +4,7 @@
|
|||||||
# SPDX-License-Identifier: GPL-3.0-or-later
|
# SPDX-License-Identifier: GPL-3.0-or-later
|
||||||
from dal import autocomplete
|
from dal import autocomplete
|
||||||
from django.contrib.auth.mixins import LoginRequiredMixin
|
from django.contrib.auth.mixins import LoginRequiredMixin
|
||||||
|
from django.shortcuts import redirect
|
||||||
from django.utils.translation import gettext_lazy as _
|
from django.utils.translation import gettext_lazy as _
|
||||||
from django.views.generic import CreateView, ListView, DetailView, UpdateView, RedirectView, TemplateView
|
from django.views.generic import CreateView, ListView, DetailView, UpdateView, RedirectView, TemplateView
|
||||||
from django.contrib.auth.models import User
|
from django.contrib.auth.models import User
|
||||||
@ -147,14 +148,16 @@ class ManageAuthTokens(LoginRequiredMixin, TemplateView):
|
|||||||
model = Token
|
model = Token
|
||||||
template_name = "member/manage_auth_tokens.html"
|
template_name = "member/manage_auth_tokens.html"
|
||||||
|
|
||||||
|
def get(self, request, *args, **kwargs):
|
||||||
|
if 'regenerate' in request.GET and Token.objects.filter(user=request.user).exists():
|
||||||
|
Token.objects.get(user=self.request.user).delete()
|
||||||
|
return redirect(reverse_lazy('member:auth_token') + "?show", permanent=True)
|
||||||
|
|
||||||
|
return super().get(request, *args, **kwargs)
|
||||||
|
|
||||||
def get_context_data(self, **kwargs):
|
def get_context_data(self, **kwargs):
|
||||||
context = super().get_context_data(**kwargs)
|
context = super().get_context_data(**kwargs)
|
||||||
|
|
||||||
if 'regenerate' in self.request.GET and Token.objects.filter(user=self.request.user).exists():
|
|
||||||
Token.objects.get(user=self.request.user).delete()
|
|
||||||
|
|
||||||
context['token'] = Token.objects.get_or_create(user=self.request.user)[0]
|
context['token'] = Token.objects.get_or_create(user=self.request.user)[0]
|
||||||
|
|
||||||
return context
|
return context
|
||||||
|
|
||||||
class UserAutocomplete(autocomplete.Select2QuerySetView):
|
class UserAutocomplete(autocomplete.Select2QuerySetView):
|
||||||
|
@ -13,7 +13,13 @@
|
|||||||
</div>
|
</div>
|
||||||
|
|
||||||
<div class="alert alert-info">
|
<div class="alert alert-info">
|
||||||
<strong>{%trans 'Token' %} :</strong> {{ token.key }}<br />
|
<strong>{%trans 'Token' %} :</strong>
|
||||||
|
{% if 'show' in request.GET %}
|
||||||
|
{{ token.key }} (<a href="?">cacher</a>)
|
||||||
|
{% else %}
|
||||||
|
<em>caché</em> (<a href="?show">montrer</a>)
|
||||||
|
{% endif %}
|
||||||
|
<br />
|
||||||
<strong>{%trans 'Created' %} :</strong> {{ token.created }}
|
<strong>{%trans 'Created' %} :</strong> {{ token.created }}
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
@ -21,7 +27,7 @@
|
|||||||
<strong>Attention :</strong> regénérer le jeton va révoquer tout accès autorisé à l'API via ce jeton !
|
<strong>Attention :</strong> regénérer le jeton va révoquer tout accès autorisé à l'API via ce jeton !
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
<a href="{% url 'member:auth_token' %}?regenerate">
|
<a href="?regenerate">
|
||||||
<button class="btn btn-primary">{% trans 'Regenerate token' %}</button>
|
<button class="btn btn-primary">{% trans 'Regenerate token' %}</button>
|
||||||
</a>
|
</a>
|
||||||
{% endblock %}
|
{% endblock %}
|
||||||
|
Loading…
Reference in New Issue
Block a user