User profile page with active tokens list

2017-10-11 02:19:08 +02:00 · 2017-10-11 02:19:08 +02:00 · 1309cecb21
parent 5969aa5283
commit 1309cecb21
3 changed files with 52 additions and 1 deletions
--- a/auth.py
+++ b/auth.py
@ -280,10 +280,11 @@ class LoginForm(FlaskForm):
    password = PasswordField('password', validators=[DataRequired()])


+@app.route('/')
@app.route('/profile')
@login_required
 def profile():
-    return 'You are logged in as {}'.format(current_user.email)
+    return render_template('profile.html', tokens=Token.query.filter(Token.user == current_user.username))


@app.route('/token/<int:id>/revoke', methods=['POST'])
--- a/static/css/authorize.css
+++ b/static/css/authorize.css
@ -22,3 +22,8 @@ body {
    font-size: 14px;
 }

+td.placeholder {
+    text-align: center;
+    font-style: italic;
+    opacity: 0.5;
+}
--- a/templates/profile.html
+++ b/templates/profile.html
@ -0,0 +1,45 @@
+{% extends "base.html" %}
+
+{% block content %}
+    <div class="container">
+        <div class="col-md-8 col-md-offset-2">
+            <h2 class="page-title">
+                Hey, <b>{{ current_user.gecos }}</b>!
+                <small class="pull-right"><a href="/logout" class="btn btn-default btn-sm">Logout</a></small>
+            </h2>
+            <h3>Approved applications</h3>
+            <table class="table table-striped">
+                <thead>
+                    <tr>
+                        <th>Application name</th>
+                        <th>Scopes</th>
+                        <th>Expires</th>
+                        <th></th>
+                    </tr>
+                </thead>
+                <tbody>
+                    {% for token in tokens %}
+                        <tr>
+                            <td>
+                                {% if token.client.approved %}<small title="This application is approved."><i class="glyphicon glyphicon-ok-circle text-success"></i></small>{% endif %}
+                                {{ token.client.name }}
+                            </td>
+                            <td>
+                                {% for scope in token.scopes %}<code>{{ scope }}</code> {% endfor %}
+                            </td>
+                            <td>{{ token.expires }}</td>
+                            <td>
+                                <form class="text-right" method="post" action="{{ url_for('token_revoke', id=token.id) }}">
+                                    {# FIXME <input type="hidden" name="csrf_token" value="{{ csrf_token() }}"/>#}
+                                    <button class="btn btn-danger btn-xs">Revoke <i class="glyphicon glyphicon-remove"></i></button>
+                                </form>
+                            </td>
+                        </tr>
+                    {% else %}
+                        <tr><td colspan=4 class="placeholder">No authorized applications yet</td></tr>
+                    {% endfor %}
+                </tbody>
+            </table>
+        </div>
+    </div>
+{% endblock %}