takahe/users/views/settings/tokens.py
Andrew Godwin 8f57aa5f37
UI/Domains Refactor
Redoes the UI to remove timelines, promote domains, and a lot of other things to support the refactor.
2023-05-03 22:42:37 -06:00

77 lines
2.4 KiB
Python

import secrets
from django import forms
from django.contrib import messages
from django.shortcuts import redirect
from django.views.generic import DetailView, FormView
from django.views.generic.list import ListView
from api.models.application import Application
from api.models.token import Token
from users.views.base import IdentityViewMixin
class TokensRoot(IdentityViewMixin, ListView):
"""
Shows a listing of tokens the user has authorized
"""
template_name = "settings/tokens.html"
extra_context = {"section": "tokens"}
context_object_name = "tokens"
def get_queryset(self):
return Token.objects.filter(
user=self.request.user,
identity=self.identity,
).prefetch_related("application")
class TokenCreate(IdentityViewMixin, FormView):
"""
Allows the user to create a new app and token just for themselves.
"""
template_name = "settings/token_create.html"
extra_context = {"section": "tokens"}
class form_class(forms.Form):
name = forms.CharField(help_text="Identifies this app in your app list")
scope = forms.ChoiceField(
choices=(("read", "Read-only access"), ("write", "Full access")),
help_text="What should this app be able to do with your account?",
)
def form_valid(self, form):
scopes = "read write push" if form.cleaned_data["scope"] == "write" else "read"
application = Application.create(
client_name=form.cleaned_data["name"],
website=None,
redirect_uris="urn:ietf:wg:oauth:2.0:oob",
scopes=scopes,
)
token = Token.objects.create(
application=application,
user=self.request.user,
identity=self.identity,
token=secrets.token_urlsafe(43),
scopes=scopes,
)
return redirect("settings_token_edit", handle=self.identity.handle, pk=token.pk)
class TokenEdit(IdentityViewMixin, DetailView):
template_name = "settings/token_edit.html"
extra_context = {"section": "tokens"}
def get_queryset(self):
return self.identity.tokens
def post(self, request, *args, **kwargs):
self.object = self.get_object()
messages.success(
request, f"{self.object.application.name}'s access has been removed."
)
self.object.delete()
return redirect("settings_tokens", handle=self.identity.handle)