1
0
mirror of https://gitlab.crans.org/bde/nk20 synced 2024-11-26 18:37:12 +00:00

Auth token is hidden

This commit is contained in:
Yohann D'ANELLO 2020-02-17 23:30:55 +01:00
parent b7383b35f7
commit 987b898a33
2 changed files with 16 additions and 7 deletions

View File

@ -4,6 +4,7 @@
# SPDX-License-Identifier: GPL-3.0-or-later # SPDX-License-Identifier: GPL-3.0-or-later
from dal import autocomplete from dal import autocomplete
from django.contrib.auth.mixins import LoginRequiredMixin from django.contrib.auth.mixins import LoginRequiredMixin
from django.shortcuts import redirect
from django.utils.translation import gettext_lazy as _ from django.utils.translation import gettext_lazy as _
from django.views.generic import CreateView, ListView, DetailView, UpdateView, RedirectView, TemplateView from django.views.generic import CreateView, ListView, DetailView, UpdateView, RedirectView, TemplateView
from django.contrib.auth.models import User from django.contrib.auth.models import User
@ -147,14 +148,16 @@ class ManageAuthTokens(LoginRequiredMixin, TemplateView):
model = Token model = Token
template_name = "member/manage_auth_tokens.html" template_name = "member/manage_auth_tokens.html"
def get(self, request, *args, **kwargs):
if 'regenerate' in request.GET and Token.objects.filter(user=request.user).exists():
Token.objects.get(user=self.request.user).delete()
return redirect(reverse_lazy('member:auth_token') + "?show", permanent=True)
return super().get(request, *args, **kwargs)
def get_context_data(self, **kwargs): def get_context_data(self, **kwargs):
context = super().get_context_data(**kwargs) context = super().get_context_data(**kwargs)
if 'regenerate' in self.request.GET and Token.objects.filter(user=self.request.user).exists():
Token.objects.get(user=self.request.user).delete()
context['token'] = Token.objects.get_or_create(user=self.request.user)[0] context['token'] = Token.objects.get_or_create(user=self.request.user)[0]
return context return context
class UserAutocomplete(autocomplete.Select2QuerySetView): class UserAutocomplete(autocomplete.Select2QuerySetView):

View File

@ -13,7 +13,13 @@
</div> </div>
<div class="alert alert-info"> <div class="alert alert-info">
<strong>{%trans 'Token' %} :</strong> {{ token.key }}<br /> <strong>{%trans 'Token' %} :</strong>
{% if 'show' in request.GET %}
{{ token.key }} (<a href="?">cacher</a>)
{% else %}
<em>caché</em> (<a href="?show">montrer</a>)
{% endif %}
<br />
<strong>{%trans 'Created' %} :</strong> {{ token.created }} <strong>{%trans 'Created' %} :</strong> {{ token.created }}
</div> </div>
@ -21,7 +27,7 @@
<strong>Attention :</strong> regénérer le jeton va révoquer tout accès autorisé à l'API via ce jeton ! <strong>Attention :</strong> regénérer le jeton va révoquer tout accès autorisé à l'API via ce jeton !
</div> </div>
<a href="{% url 'member:auth_token' %}?regenerate"> <a href="?regenerate">
<button class="btn btn-primary">{% trans 'Regenerate token' %}</button> <button class="btn btn-primary">{% trans 'Regenerate token' %}</button>
</a> </a>
{% endblock %} {% endblock %}