added valid column
BernhardKoschicek committed Jan 23, 2025
1 parent 0be583c commit 3e500f9
Showing 3 changed files with 25 additions and 3 deletions.
4 changes: 2 additions & 2 deletions openatlas/__init__.py
Expand Up @@ -139,7 +139,7 @@ def check_if_token_revoked(
jwt_payload: dict[str, Any]) -> bool:
if not jwt_header['typ'] == 'JWT':
return True
token = check_token_revoked(jwt_payload["jti"])
if token['revoked'] or token['valid_until'] < datetime.datetime.now():
token_ = check_token_revoked(jwt_payload["jti"])
if token_['revoked'] or token_['valid_until'] < datetime.datetime.now():
return True
return False
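--- a/openatlas/models/token.py
+++ b/openatlas/models/token.py
@@ -59,3 +59,12 @@ def revoke_all_tokens() -> None:
 @staticmethod
 def authorize_all_tokens() -> None:
 return db.authorize_all_tokens()
+
+@staticmethod
+def check_validness_of_token(token: dict[str, Any], user: User) -> bool:
+if token['revoked'] or token['valid_until'] < datetime.now():
+return False
+if not user.get_by_id(token['user_id']).active:
+return False
+return True
+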
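Review bot: `check_validness_of_token` receives a `user` but then evaluates `user.get_by_id(token['user_id']).active`, so the argument only serves as a handle for a second lookup of the same account. The one caller in this commit (`api_token` in `openatlas/views/token.py`) has already loaded that user, so `if not user.active:` would be enough; whether `get_by_id` can return nothing for a removed account, which would make the `.active` access raise, is not visible here. The revoked/expiry test also duplicates the one in `check_if_token_revoked` in `openatlas/__init__.py`, which as shown in this commit does not look at whether the owner is active. If deactivated accounts are not rejected elsewhere, the admin column and the JWT callback could disagree about the same token, so it may be worth having the callback reuse this helper. The enclosing class begins outside the hunk.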
15 changes: 14 additions & 1 deletion openatlas/views/token.py
@@ -1,6 +1,7 @@
from __future__ import annotations

from datetime import datetime, timedelta
from typing import Any

from flask import flash, g, make_response, redirect, render_template, request, \
url_for
Expand Down Expand Up @@ -53,6 +54,9 @@ class ListTokenForm(FlaskForm):
('<', _('not valid'))))
save = SubmitField(_('apply'))




@app.route('/admin/api_token', methods=['GET', 'POST'])
@app.route('/admin/api_token/<int:user_id>', methods=['GET', 'POST'])
@required_group('admin')
Expand Down Expand Up @@ -90,6 +94,7 @@ def api_token(user_id: int = 0) -> str | Response:
url_for('delete_all_tokens'),
onclick=f"return confirm('{_('delete all revoked tokens')}?')"))
token_table = Table([
_('valid'),
_('name'),
'jti',
_('valid from'),
Expand All @@ -109,12 +114,14 @@ def api_token(user_id: int = 0) -> str | Response:
revoke_link = link(
_('authorize'),
url_for('authorize_token', id_=token['id']))
user = User.get_by_id(token['user_id'])
token_table.rows.append([
get_token_valid_column(token, user),
token['name'],
token['jti'],
token['valid_from'],
token['valid_until'],
link(User.get_by_id(token['user_id'])),
link(user),
link(User.get_by_id(token['creator_id'])),
token['revoked'],
revoke_link,
Expand All @@ -128,6 +135,12 @@ def api_token(user_id: int = 0) -> str | Response:
[_('admin'), f"{url_for('admin_index')}"],
_('token')])

def get_token_valid_column(token: dict[str, Any], user: User) -> str:
html = '<span class="text-success bg-success">OK</span>'
if Token.check_validness_of_token(token, user):
html = '<span class="text-danger bg-danger">NO</span>'
return html


@app.route('/admin/api_token/generate_token', methods=['GET', 'POST'])
@required_group('admin')
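Review bot: The condition in `get_token_valid_column` is inverted: `html` starts as the green "OK" span and is switched to the red "NO" span when `Token.check_validness_of_token(token, user)` returns True. Per its definition in `openatlas/models/token.py`, True means the token is not revoked, not expired and owned by an active user. As written, the admin table would label usable tokens "NO" and revoked or expired ones "OK", which misleads anyone auditing which credentials are still live. The test should be negated: `if not Token.check_validness_of_token(token, user):`.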