Add views and templates for authentication tokens

master
kaiyou 7 years ago
parent 814ed77d7f
commit 291fbe7bc4

@ -104,6 +104,17 @@ class UserReplyForm(flask_wtf.FlaskForm):
submit = fields.SubmitField(_('Update')) submit = fields.SubmitField(_('Update'))
class TokenForm(flask_wtf.FlaskForm):
raw_password = fields.StringField(
_('Your token (write it down, as it will never be displayed again)')
)
comment = fields.StringField(_('Comment'))
ip = fields.StringField(
_('Authorized IP'), [validators.Optional(), validators.IPAddress()]
)
submit = fields.SubmitField(_('Create'))
class AliasForm(flask_wtf.FlaskForm): class AliasForm(flask_wtf.FlaskForm):
localpart = fields.StringField(_('Alias'), [validators.DataRequired()]) localpart = fields.StringField(_('Alias'), [validators.DataRequired()])
wildcard = fields.BooleanField( wildcard = fields.BooleanField(

@ -28,6 +28,11 @@
<i class="fa fa-download"></i> <span>{% trans %}Fetched accounts{% endtrans %}</span> <i class="fa fa-download"></i> <span>{% trans %}Fetched accounts{% endtrans %}</span>
</a> </a>
</li> </li>
<li>
<a href="{{ url_for('.token_list') }}">
<i class="fa fa-ticket"></i> <span>{% trans %}Authentication tokens{% endtrans %}</span>
</a>
</li>
<li> <li>
<a href="{{ url_for('.logout') }}"> <a href="{{ url_for('.logout') }}">
<i class="fa fa-sign-out"></i> <span>{% trans %}Sign out{% endtrans %}</span> <i class="fa fa-sign-out"></i> <span>{% trans %}Sign out{% endtrans %}</span>

@ -0,0 +1,9 @@
{% extends "form.html" %}
{% block title %}
{% trans %}Create an authentication token{% endtrans %}
{% endblock %}
{% block subtitle %}
{{ user }}
{% endblock %}

@ -0,0 +1,36 @@
{% extends "base.html" %}
{% block title %}
{% trans %}Authentication tokens{% endtrans %}
{% endblock %}
{% block subtitle %}
{{ user }}
{% endblock %}
{% block main_action %}
<a class="btn btn-primary" href="{{ url_for('.token_create', user_email=user.email) }}">{% trans %}New token{% endtrans %}</a>
{% endblock %}
{% block box %}
<table class="table table-bordered">
<tbody>
<tr>
<th>{% trans %}Actions{% endtrans %}</th>
<th>{% trans %}Comment{% endtrans %}</th>
<th>{% trans %}Authorized IP{% endtrans %}</th>
<th>{% trans %}Created{% endtrans %}</th>
</tr>
{% for token in user.tokens %}
<tr>
<td>
<a href="{{ url_for('.token_delete', token_id=token.id) }}" title="{% trans %}Delete{% endtrans %}"><i class="fa fa-trash"></i></a>
</td>
<td>{{ token.comment }}</td>
<td>{{ token.ip or "any" }}</td>
<td>{{ token.created_at }}</td>
</tr>
{% endfor %}
</tbody>
</table>
{% endblock %}

@ -36,6 +36,7 @@
<a href="{{ url_for('.user_forward', user_email=user.email) }}" title="{% trans %}Auto-forward{% endtrans %}"><i class="fa fa-share"></i></a>&nbsp; <a href="{{ url_for('.user_forward', user_email=user.email) }}" title="{% trans %}Auto-forward{% endtrans %}"><i class="fa fa-share"></i></a>&nbsp;
<a href="{{ url_for('.user_reply', user_email=user.email) }}" title="{% trans %}Auto-reply{% endtrans %}"><i class="fa fa-plane"></i></a>&nbsp; <a href="{{ url_for('.user_reply', user_email=user.email) }}" title="{% trans %}Auto-reply{% endtrans %}"><i class="fa fa-plane"></i></a>&nbsp;
<a href="{{ url_for('.fetch_list', user_email=user.email) }}" title="{% trans %}Fetched accounts{% endtrans %}"><i class="fa fa-download"></i></a>&nbsp; <a href="{{ url_for('.fetch_list', user_email=user.email) }}" title="{% trans %}Fetched accounts{% endtrans %}"><i class="fa fa-download"></i></a>&nbsp;
<a href="{{ url_for('.token_list', user_email=user.email) }}" title="{% trans %}Authentication tokens{% endtrans %}"><i class="fa fa-ticket"></i></a>&nbsp;
</td> </td>
<td>{{ user }}</td> <td>{{ user }}</td>
<td> <td>

@ -1 +1,4 @@
__all__ = ['admins', 'aliases', 'alternatives', 'base', 'domains', 'fetches', 'managers', 'users', 'relays'] __all__ = [
'admins', 'aliases', 'alternatives', 'base', 'domains', 'fetches',
'managers', 'users', 'relays', 'tokens'
]

@ -0,0 +1,51 @@
from mailu import db, models
from mailu.ui import ui, forms, access
from passlib import pwd
import flask
import flask_login
import wtforms_components
@ui.route('/token/list', methods=['GET', 'POST'], defaults={'user_email': None})
@ui.route('/token/list/<user_email>', methods=['GET'])
@access.owner(models.User, 'user_email')
def token_list(user_email):
user_email = user_email or flask_login.current_user.email
user = models.User.query.get(user_email) or flask.abort(404)
return flask.render_template('token/list.html', user=user)
@ui.route('/token/create', methods=['GET', 'POST'], defaults={'user_email': None})
@ui.route('/token/create/<user_email>', methods=['GET', 'POST'])
@access.owner(models.User, 'user_email')
def token_create(user_email):
user_email = user_email or flask_login.current_user.email
user = models.User.query.get(user_email) or flask.abort(404)
form = forms.TokenForm()
form.raw_password.data = pwd.genword(entropy=128, charset="hex")
wtforms_components.read_only(form.raw_password)
if form.validate_on_submit():
token = models.Token(user=user)
form.populate_obj(token)
token.set_password(form.raw_password.data)
db.session.add(token)
db.session.commit()
flask.flash('Authentication token created')
return flask.redirect(
flask.url_for('.token_list', user_email=user.email))
return flask.render_template('token/create.html', form=form)
@ui.route('/token/delete/<token_id>', methods=['GET', 'POST'])
@access.confirmation_required("delete an authentication token")
@access.owner(models.Token, 'token_id')
def token_delete(token_id):
token = models.Token.query.get(token_id) or flask.abort(404)
user = token.user
db.session.delete(token)
db.session.commit()
flask.flash('Authentication token deleted')
return flask.redirect(
flask.url_for('.token_list', user_email=user.email))
Loading…
Cancel
Save