mirror of
https://github.com/1f349/lavender.git
synced 2024-11-09 14:22:48 +00:00
Minor modifications to work with templates
This commit is contained in:
parent
ba56a628d0
commit
befccd861f
@ -6,7 +6,7 @@ import (
|
|||||||
)
|
)
|
||||||
|
|
||||||
type User struct {
|
type User struct {
|
||||||
Sub string `json:"sub"`
|
Subject string `json:"subject"`
|
||||||
Email string `json:"email"`
|
Email string `json:"email"`
|
||||||
EmailVerified bool `json:"email_verified"`
|
EmailVerified bool `json:"email_verified"`
|
||||||
Roles string `json:"roles"`
|
Roles string `json:"roles"`
|
||||||
@ -16,13 +16,13 @@ type User struct {
|
|||||||
}
|
}
|
||||||
|
|
||||||
type ClientInfoDbOutput struct {
|
type ClientInfoDbOutput struct {
|
||||||
Sub, Name, Secret, Domain, Owner, Perms string
|
Subject, Name, Secret, Domain, Owner, Perms string
|
||||||
Public, SSO, Active bool
|
Public, Sso, Active bool
|
||||||
}
|
}
|
||||||
|
|
||||||
var _ oauth2.ClientInfo = &ClientInfoDbOutput{}
|
var _ oauth2.ClientInfo = &ClientInfoDbOutput{}
|
||||||
|
|
||||||
func (c *ClientInfoDbOutput) GetID() string { return c.Sub }
|
func (c *ClientInfoDbOutput) GetID() string { return c.Subject }
|
||||||
func (c *ClientInfoDbOutput) GetSecret() string { return c.Secret }
|
func (c *ClientInfoDbOutput) GetSecret() string { return c.Secret }
|
||||||
func (c *ClientInfoDbOutput) GetDomain() string { return c.Domain }
|
func (c *ClientInfoDbOutput) GetDomain() string { return c.Domain }
|
||||||
func (c *ClientInfoDbOutput) IsPublic() bool { return c.Public }
|
func (c *ClientInfoDbOutput) IsPublic() bool { return c.Public }
|
||||||
@ -34,7 +34,7 @@ func (c *ClientInfoDbOutput) GetName() string { return c.Name }
|
|||||||
|
|
||||||
// IsSSO is an extra field for the oauth handler to skip the user input stage
|
// IsSSO is an extra field for the oauth handler to skip the user input stage
|
||||||
// this is for trusted applications to get permissions without asking the user
|
// this is for trusted applications to get permissions without asking the user
|
||||||
func (c *ClientInfoDbOutput) IsSSO() bool { return c.SSO }
|
func (c *ClientInfoDbOutput) IsSSO() bool { return c.Sso }
|
||||||
|
|
||||||
// IsActive is an extra field for the app manager to get the active state
|
// IsActive is an extra field for the app manager to get the active state
|
||||||
func (c *ClientInfoDbOutput) IsActive() bool { return c.Active }
|
func (c *ClientInfoDbOutput) IsActive() bool { return c.Active }
|
||||||
|
@ -57,7 +57,7 @@ func (t *Tx) GetUser(sub string) (*User, error) {
|
|||||||
var u User
|
var u User
|
||||||
row := t.tx.QueryRow(`SELECT email, email_verified, roles, userinfo, updated_at, active FROM users WHERE subject = ?`, sub)
|
row := t.tx.QueryRow(`SELECT email, email_verified, roles, userinfo, updated_at, active FROM users WHERE subject = ?`, sub)
|
||||||
err := row.Scan(&u.Email, &u.EmailVerified, &u.Roles, &u.UserInfo, &u.UpdatedAt, &u.Active)
|
err := row.Scan(&u.Email, &u.EmailVerified, &u.Roles, &u.UserInfo, &u.UpdatedAt, &u.Active)
|
||||||
u.Sub = sub
|
u.Subject = sub
|
||||||
return &u, err
|
return &u, err
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -71,7 +71,7 @@ func (t *Tx) GetUserEmail(sub string) (string, error) {
|
|||||||
func (t *Tx) GetClientInfo(sub string) (oauth2.ClientInfo, error) {
|
func (t *Tx) GetClientInfo(sub string) (oauth2.ClientInfo, error) {
|
||||||
var u ClientInfoDbOutput
|
var u ClientInfoDbOutput
|
||||||
row := t.tx.QueryRow(`SELECT secret, name, domain, perms, public, sso, active FROM client_store WHERE subject = ? LIMIT 1`, sub)
|
row := t.tx.QueryRow(`SELECT secret, name, domain, perms, public, sso, active FROM client_store WHERE subject = ? LIMIT 1`, sub)
|
||||||
err := row.Scan(&u.Secret, &u.Name, &u.Domain, &u.Perms, &u.Public, &u.SSO, &u.Active)
|
err := row.Scan(&u.Secret, &u.Name, &u.Domain, &u.Perms, &u.Public, &u.Sso, &u.Active)
|
||||||
u.Owner = sub
|
u.Owner = sub
|
||||||
if !u.Active {
|
if !u.Active {
|
||||||
return nil, fmt.Errorf("client is not active")
|
return nil, fmt.Errorf("client is not active")
|
||||||
@ -88,7 +88,7 @@ func (t *Tx) GetAppList(owner string, admin bool, offset int) ([]ClientInfoDbOut
|
|||||||
defer row.Close()
|
defer row.Close()
|
||||||
for row.Next() {
|
for row.Next() {
|
||||||
var a ClientInfoDbOutput
|
var a ClientInfoDbOutput
|
||||||
err := row.Scan(&a.Sub, &a.Name, &a.Domain, &a.Owner, &a.Perms, &a.Public, &a.SSO, &a.Active)
|
err := row.Scan(&a.Subject, &a.Name, &a.Domain, &a.Owner, &a.Perms, &a.Public, &a.Sso, &a.Active)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
@ -129,7 +129,7 @@ func (t *Tx) GetUserList(offset int) ([]User, error) {
|
|||||||
}
|
}
|
||||||
for row.Next() {
|
for row.Next() {
|
||||||
var a User
|
var a User
|
||||||
err := row.Scan(&a.Sub, &a.Email, &a.EmailVerified, &a.Roles, &a.UpdatedAt, &a.Active)
|
err := row.Scan(&a.Subject, &a.Email, &a.EmailVerified, &a.Roles, &a.UpdatedAt, &a.Active)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
@ -40,39 +40,39 @@
|
|||||||
<div>New application secret: <span id="app-secret">{{.NewAppSecret}}</span> for {{.NewAppName}}</div>
|
<div>New application secret: <span id="app-secret">{{.NewAppSecret}}</span> for {{.NewAppName}}</div>
|
||||||
{{end}}
|
{{end}}
|
||||||
|
|
||||||
{{if .Edit}}
|
{{if .EditApp}}
|
||||||
<h2>Edit Client Application</h2>
|
<h2>Edit Client Application</h2>
|
||||||
<form method="POST" action="/manage/apps">
|
<form method="POST" action="/manage/apps">
|
||||||
<input type="hidden" name="action" value="edit"/>
|
<input type="hidden" name="action" value="edit"/>
|
||||||
<input type="hidden" name="offset" value="{{.Offset}}"/>
|
<input type="hidden" name="offset" value="{{.Offset}}"/>
|
||||||
<input type="hidden" name="subject" value="{{.Edit.Sub}}"/>
|
<input type="hidden" name="subject" value="{{.EditApp.Subject}}"/>
|
||||||
<div>
|
<div>
|
||||||
<label>ID: {{.Edit.Sub}}</label>
|
<label>ID: {{.EditApp.Subject}}</label>
|
||||||
</div>
|
</div>
|
||||||
<div>
|
<div>
|
||||||
<label for="field_name">Name:</label>
|
<label for="field_name">Name:</label>
|
||||||
<input type="text" name="name" id="field_name" value="{{.Edit.Name}}" required/>
|
<input type="text" name="name" id="field_name" value="{{.EditApp.Name}}" required/>
|
||||||
</div>
|
</div>
|
||||||
<div>
|
<div>
|
||||||
<label for="field_domain">Domain:</label>
|
<label for="field_domain">Domain:</label>
|
||||||
<input type="text" name="domain" id="field_domain" value="{{.Edit.Domain}}" required/>
|
<input type="text" name="domain" id="field_domain" value="{{.EditApp.Domain}}" required/>
|
||||||
</div>
|
</div>
|
||||||
{{if .IsAdmin}}
|
{{if .IsAdmin}}
|
||||||
<div>
|
<div>
|
||||||
<label for="field_perms">Perms:</label>
|
<label for="field_perms">Perms:</label>
|
||||||
<input type="text" name="perms" id="field_perms" value="{{.Edit.Perms}}" size="100"/>
|
<input type="text" name="perms" id="field_perms" value="{{.EditApp.Perms}}" size="100"/>
|
||||||
</div>
|
</div>
|
||||||
{{end}}
|
{{end}}
|
||||||
<div>
|
<div>
|
||||||
<label for="field_public">Public: <input type="checkbox" name="public" id="field_public" {{if .Edit.Public}}checked{{end}}/></label>
|
<label for="field_public">Public: <input type="checkbox" name="public" id="field_public" {{if .EditApp.Public}}checked{{end}}/></label>
|
||||||
</div>
|
</div>
|
||||||
{{if .IsAdmin}}
|
{{if .IsAdmin}}
|
||||||
<div>
|
<div>
|
||||||
<label for="field_sso">SSO: <input type="checkbox" name="sso" id="field_sso" {{if .Edit.SSO}}checked{{end}}/></label>
|
<label for="field_sso">SSO: <input type="checkbox" name="sso" id="field_sso" {{if .EditApp.SSO}}checked{{end}}/></label>
|
||||||
</div>
|
</div>
|
||||||
{{end}}
|
{{end}}
|
||||||
<div>
|
<div>
|
||||||
<label for="field_active">Active: <input type="checkbox" name="active" id="field_active" {{if .Edit.Active}}checked{{end}}/></label>
|
<label for="field_active">Active: <input type="checkbox" name="active" id="field_active" {{if .EditApp.Active}}checked{{end}}/></label>
|
||||||
</div>
|
</div>
|
||||||
<button type="submit">Edit</button>
|
<button type="submit">Edit</button>
|
||||||
</form>
|
</form>
|
||||||
@ -101,7 +101,7 @@
|
|||||||
<tbody>
|
<tbody>
|
||||||
{{range .Apps}}
|
{{range .Apps}}
|
||||||
<tr>
|
<tr>
|
||||||
<td>{{.Sub}}</td>
|
<td>{{.Subject}}</td>
|
||||||
<td>{{.Name}}</td>
|
<td>{{.Name}}</td>
|
||||||
<td>{{.Domain}}</td>
|
<td>{{.Domain}}</td>
|
||||||
<td>{{.Perms}}</td>
|
<td>{{.Perms}}</td>
|
||||||
@ -111,13 +111,13 @@
|
|||||||
<td>
|
<td>
|
||||||
<form method="GET" action="/manage/apps">
|
<form method="GET" action="/manage/apps">
|
||||||
<input type="hidden" name="offset" value="{{$.Offset}}"/>
|
<input type="hidden" name="offset" value="{{$.Offset}}"/>
|
||||||
<input type="hidden" name="edit" value="{{.Sub}}"/>
|
<input type="hidden" name="edit" value="{{.Subject}}"/>
|
||||||
<button type="submit">Edit</button>
|
<button type="submit">Edit</button>
|
||||||
</form>
|
</form>
|
||||||
<form method="POST" action="/manage/apps?offset={{$.Offset}}">
|
<form method="POST" action="/manage/apps?offset={{$.Offset}}">
|
||||||
<input type="hidden" name="action" value="secret"/>
|
<input type="hidden" name="action" value="secret"/>
|
||||||
<input type="hidden" name="offset" value="{{$.Offset}}"/>
|
<input type="hidden" name="offset" value="{{$.Offset}}"/>
|
||||||
<input type="hidden" name="subject" value="{{.Sub}}"/>
|
<input type="hidden" name="subject" value="{{.Subject}}"/>
|
||||||
<button type="submit">Reset Secret</button>
|
<button type="submit">Reset Secret</button>
|
||||||
</form>
|
</form>
|
||||||
</td>
|
</td>
|
||||||
|
@ -12,18 +12,18 @@
|
|||||||
<button type="submit">Home</button>
|
<button type="submit">Home</button>
|
||||||
</form>
|
</form>
|
||||||
|
|
||||||
{{if .Edit}}
|
{{if .EditUser}}
|
||||||
<h2>Edit User</h2>
|
<h2>Edit User</h2>
|
||||||
<form method="POST" action="/manage/users">
|
<form method="POST" action="/manage/users">
|
||||||
<input type="hidden" name="action" value="edit"/>
|
<input type="hidden" name="action" value="edit"/>
|
||||||
<input type="hidden" name="offset" value="{{.Offset}}"/>
|
<input type="hidden" name="offset" value="{{.Offset}}"/>
|
||||||
<div>
|
<div>
|
||||||
<label for="field_subject">Subject:</label>
|
<label for="field_subject">Subject:</label>
|
||||||
<input type="text" name="subject" id="field_subject" value="{{.Edit.Sub}}" required/>
|
<input type="text" name="subject" id="field_subject" value="{{.EditUser.Subject}}" required/>
|
||||||
</div>
|
</div>
|
||||||
<div>
|
<div>
|
||||||
<label for="field_roles">Roles:</label>
|
<label for="field_roles">Roles:</label>
|
||||||
<input type="text" name="roles" id="field_roles" value="{{.Edit.Roles}}" size="100"/>
|
<input type="text" name="roles" id="field_roles" value="{{.EditUser.Roles}}" size="100"/>
|
||||||
</div>
|
</div>
|
||||||
<div>
|
<div>
|
||||||
<label for="field_active">Active: <input type="checkbox" name="active" id="field_active" checked/></label>
|
<label for="field_active">Active: <input type="checkbox" name="active" id="field_active" checked/></label>
|
||||||
@ -54,7 +54,7 @@
|
|||||||
<tbody>
|
<tbody>
|
||||||
{{range .Users}}
|
{{range .Users}}
|
||||||
<tr>
|
<tr>
|
||||||
<td>{{.Sub}}</td>
|
<td>{{.Subject}}</td>
|
||||||
<th>
|
<th>
|
||||||
{{if $.EmailShow}}
|
{{if $.EmailShow}}
|
||||||
<span>{{.Email}}</span>
|
<span>{{.Email}}</span>
|
||||||
@ -69,7 +69,7 @@
|
|||||||
<td>
|
<td>
|
||||||
<form method="GET" action="/manage/users">
|
<form method="GET" action="/manage/users">
|
||||||
<input type="hidden" name="offset" value="{{$.Offset}}"/>
|
<input type="hidden" name="offset" value="{{$.Offset}}"/>
|
||||||
<input type="hidden" name="edit" value="{{.Sub}}"/>
|
<input type="hidden" name="edit" value="{{.Subject}}"/>
|
||||||
<button type="submit">Edit</button>
|
<button type="submit">Edit</button>
|
||||||
</form>
|
</form>
|
||||||
<form method="POST" action="/reset-password">
|
<form method="POST" action="/reset-password">
|
||||||
|
@ -9,7 +9,7 @@
|
|||||||
{{template "header.go.html" .}}
|
{{template "header.go.html" .}}
|
||||||
<main>
|
<main>
|
||||||
<form method="POST" action="/authorize">
|
<form method="POST" action="/authorize">
|
||||||
<div>The application {{.AppName}} wants to access your account ({{.DisplayName}}). It requests the following permissions:</div>
|
<div>The application {{.AppName}} wants to access your account ({{.Auth.UserInfo.name}}). It requests the following permissions:</div>
|
||||||
<div>
|
<div>
|
||||||
<ul>
|
<ul>
|
||||||
{{range .WantsList}}
|
{{range .WantsList}}
|
||||||
|
@ -43,7 +43,7 @@ func generateIDToken(ti oauth2.TokenInfo, us *database.DB, key mjwt.Signer) (tok
|
|||||||
return "", err
|
return "", err
|
||||||
}
|
}
|
||||||
|
|
||||||
token, err = key.GenerateJwt(user.Sub, "", jwt.ClaimStrings{ti.GetClientID()}, ti.GetAccessExpiresIn(), &IdTokenClaims{Subject: user.Sub})
|
token, err = key.GenerateJwt(user.Subject, "", jwt.ClaimStrings{ti.GetClientID()}, ti.GetAccessExpiresIn(), &IdTokenClaims{Subject: user.Subject})
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -46,16 +46,18 @@ func (h *HttpServer) ManageAppsGet(rw http.ResponseWriter, req *http.Request, _
|
|||||||
}
|
}
|
||||||
if q.Has("edit") {
|
if q.Has("edit") {
|
||||||
for _, i := range appList {
|
for _, i := range appList {
|
||||||
if i.Sub == q.Get("edit") {
|
if i.Subject == q.Get("edit") {
|
||||||
m["Edit"] = i
|
m["EditApp"] = i
|
||||||
goto validEdit
|
rw.Header().Set("Content-Type", "text/html")
|
||||||
|
rw.WriteHeader(http.StatusOK)
|
||||||
|
pages.RenderPageTemplate(rw, "manage-apps-edit", m)
|
||||||
|
return
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
http.Error(rw, "400 Bad Request: Invalid client app to edit", http.StatusBadRequest)
|
http.Error(rw, "400 Bad Request: Invalid client app to edit", http.StatusBadRequest)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
validEdit:
|
|
||||||
rw.Header().Set("Content-Type", "text/html")
|
rw.Header().Set("Content-Type", "text/html")
|
||||||
rw.WriteHeader(http.StatusOK)
|
rw.WriteHeader(http.StatusOK)
|
||||||
pages.RenderPageTemplate(rw, "manage-apps", m)
|
pages.RenderPageTemplate(rw, "manage-apps", m)
|
||||||
|
@ -47,16 +47,18 @@ func (h *HttpServer) ManageUsersGet(rw http.ResponseWriter, req *http.Request, _
|
|||||||
}
|
}
|
||||||
if q.Has("edit") {
|
if q.Has("edit") {
|
||||||
for _, i := range userList {
|
for _, i := range userList {
|
||||||
if i.Sub == q.Get("edit") {
|
if i.Subject == q.Get("edit") {
|
||||||
m["Edit"] = i
|
m["EditUser"] = i
|
||||||
goto validEdit
|
rw.Header().Set("Content-Type", "text/html")
|
||||||
|
rw.WriteHeader(http.StatusOK)
|
||||||
|
pages.RenderPageTemplate(rw, "manage-users-edit", m)
|
||||||
|
return
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
http.Error(rw, "400 Bad Request: Invalid user to edit", http.StatusBadRequest)
|
http.Error(rw, "400 Bad Request: Invalid user to edit", http.StatusBadRequest)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
validEdit:
|
|
||||||
rw.Header().Set("Content-Type", "text/html")
|
rw.Header().Set("Content-Type", "text/html")
|
||||||
rw.WriteHeader(http.StatusOK)
|
rw.WriteHeader(http.StatusOK)
|
||||||
pages.RenderPageTemplate(rw, "manage-users", m)
|
pages.RenderPageTemplate(rw, "manage-users", m)
|
||||||
|
Loading…
Reference in New Issue
Block a user