Minor modifications to work with templates

Melon 2024-05-16 22:46:32 +01:00
parent ba56a628d0
commit befccd861f
Signed by: melon
GPG Key ID: 6C9D970C50D26A25
8 changed files with 40 additions and 36 deletions


@ -6,7 +6,7 @@ import (
) )
type User struct { type User struct {
Sub string `json:"sub"` Subject string `json:"subject"`
Email string `json:"email"` Email string `json:"email"`
EmailVerified bool `json:"email_verified"` EmailVerified bool `json:"email_verified"`
Roles string `json:"roles"` Roles string `json:"roles"`
@ -16,13 +16,13 @@ type User struct {
} }
type ClientInfoDbOutput struct { type ClientInfoDbOutput struct {
Sub, Name, Secret, Domain, Owner, Perms string Subject, Name, Secret, Domain, Owner, Perms string
Public, SSO, Active bool Public, Sso, Active bool
} }
var _ oauth2.ClientInfo = &ClientInfoDbOutput{} var _ oauth2.ClientInfo = &ClientInfoDbOutput{}
func (c *ClientInfoDbOutput) GetID() string { return c.Sub } func (c *ClientInfoDbOutput) GetID() string { return c.Subject }
func (c *ClientInfoDbOutput) GetSecret() string { return c.Secret } func (c *ClientInfoDbOutput) GetSecret() string { return c.Secret }
func (c *ClientInfoDbOutput) GetDomain() string { return c.Domain } func (c *ClientInfoDbOutput) GetDomain() string { return c.Domain }
func (c *ClientInfoDbOutput) IsPublic() bool { return c.Public } func (c *ClientInfoDbOutput) IsPublic() bool { return c.Public }
@ -34,7 +34,7 @@ func (c *ClientInfoDbOutput) GetName() string { return c.Name }
// IsSSO is an extra field for the oauth handler to skip the user input stage // IsSSO is an extra field for the oauth handler to skip the user input stage
// this is for trusted applications to get permissions without asking the user // this is for trusted applications to get permissions without asking the user
func (c *ClientInfoDbOutput) IsSSO() bool { return c.SSO } func (c *ClientInfoDbOutput) IsSSO() bool { return c.Sso }
// IsActive is an extra field for the app manager to get the active state // IsActive is an extra field for the app manager to get the active state
func (c *ClientInfoDbOutput) IsActive() bool { return c.Active } func (c *ClientInfoDbOutput) IsActive() bool { return c.Active }
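Review bot: The JSON tag on the renamed `User.Subject` field changes from `sub` to `subject` in the first hunk, which renames the key in every serialized form of this struct. If `User` is ever marshalled into a userinfo response or another OIDC-facing payload (not visible in this commit), relying parties look for the standard `sub` claim and would no longer find the identifier. The Go field can be renamed for the templates while the wire name stays as it was, by keeping the tag `json:"sub"` on `Subject`. The struct continues below the hunk, so other consumers of the tag cannot be checked from here.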


@ -57,7 +57,7 @@ func (t *Tx) GetUser(sub string) (*User, error) {
var u User var u User
row := t.tx.QueryRow(`SELECT email, email_verified, roles, userinfo, updated_at, active FROM users WHERE subject = ?`, sub) row := t.tx.QueryRow(`SELECT email, email_verified, roles, userinfo, updated_at, active FROM users WHERE subject = ?`, sub)
err := row.Scan(&u.Email, &u.EmailVerified, &u.Roles, &u.UserInfo, &u.UpdatedAt, &u.Active) err := row.Scan(&u.Email, &u.EmailVerified, &u.Roles, &u.UserInfo, &u.UpdatedAt, &u.Active)
u.Sub = sub u.Subject = sub
return &u, err return &u, err
} }
@ -71,7 +71,7 @@ func (t *Tx) GetUserEmail(sub string) (string, error) {
func (t *Tx) GetClientInfo(sub string) (oauth2.ClientInfo, error) { func (t *Tx) GetClientInfo(sub string) (oauth2.ClientInfo, error) {
var u ClientInfoDbOutput var u ClientInfoDbOutput
row := t.tx.QueryRow(`SELECT secret, name, domain, perms, public, sso, active FROM client_store WHERE subject = ? LIMIT 1`, sub) row := t.tx.QueryRow(`SELECT secret, name, domain, perms, public, sso, active FROM client_store WHERE subject = ? LIMIT 1`, sub)
err := row.Scan(&u.Secret, &u.Name, &u.Domain, &u.Perms, &u.Public, &u.SSO, &u.Active) err := row.Scan(&u.Secret, &u.Name, &u.Domain, &u.Perms, &u.Public, &u.Sso, &u.Active)
u.Owner = sub u.Owner = sub
if !u.Active { if !u.Active {
return nil, fmt.Errorf("client is not active") return nil, fmt.Errorf("client is not active")
@ -88,7 +88,7 @@ func (t *Tx) GetAppList(owner string, admin bool, offset int) ([]ClientInfoDbOut
defer row.Close() defer row.Close()
for row.Next() { for row.Next() {
var a ClientInfoDbOutput var a ClientInfoDbOutput
err := row.Scan(&a.Sub, &a.Name, &a.Domain, &a.Owner, &a.Perms, &a.Public, &a.SSO, &a.Active) err := row.Scan(&a.Subject, &a.Name, &a.Domain, &a.Owner, &a.Perms, &a.Public, &a.Sso, &a.Active)
if err != nil { if err != nil {
return nil, err return nil, err
} }
@ -129,7 +129,7 @@ func (t *Tx) GetUserList(offset int) ([]User, error) {
} }
for row.Next() { for row.Next() {
var a User var a User
err := row.Scan(&a.Sub, &a.Email, &a.EmailVerified, &a.Roles, &a.UpdatedAt, &a.Active) err := row.Scan(&a.Subject, &a.Email, &a.EmailVerified, &a.Roles, &a.UpdatedAt, &a.Active)
if err != nil { if err != nil {
return nil, err return nil, err
} }
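Review bot: In `GetClientInfo` the lookup key is stored with `u.Owner = sub` and `u.Subject` is never assigned in the visible lines, so `GetID()`, which now returns `c.Subject`, would be empty for clients loaded through this path unless the code below the hunk sets it. If that is not intended, `u.Subject = sub` is the likely fix, with `owner` added to the SELECT when the owner is needed. The same hunk tests `!u.Active` before looking at `err`, so a failed `Scan` (for example no matching row) is reported as "client is not active"; checking `err` first keeps the two cases distinguishable in logs. The function body continues outside the hunk.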


@ -40,39 +40,39 @@
<div>New application secret: <span id="app-secret">{{.NewAppSecret}}</span> for {{.NewAppName}}</div> <div>New application secret: <span id="app-secret">{{.NewAppSecret}}</span> for {{.NewAppName}}</div>
{{end}} {{end}}
{{if .Edit}} {{if .EditApp}}
<h2>Edit Client Application</h2> <h2>Edit Client Application</h2>
<form method="POST" action="/manage/apps"> <form method="POST" action="/manage/apps">
<input type="hidden" name="action" value="edit"/> <input type="hidden" name="action" value="edit"/>
<input type="hidden" name="offset" value="{{.Offset}}"/> <input type="hidden" name="offset" value="{{.Offset}}"/>
<input type="hidden" name="subject" value="{{.Edit.Sub}}"/> <input type="hidden" name="subject" value="{{.EditApp.Subject}}"/>
<div> <div>
<label>ID: {{.Edit.Sub}}</label> <label>ID: {{.EditApp.Subject}}</label>
</div> </div>
<div> <div>
<label for="field_name">Name:</label> <label for="field_name">Name:</label>
<input type="text" name="name" id="field_name" value="{{.Edit.Name}}" required/> <input type="text" name="name" id="field_name" value="{{.EditApp.Name}}" required/>
</div> </div>
<div> <div>
<label for="field_domain">Domain:</label> <label for="field_domain">Domain:</label>
<input type="text" name="domain" id="field_domain" value="{{.Edit.Domain}}" required/> <input type="text" name="domain" id="field_domain" value="{{.EditApp.Domain}}" required/>
</div> </div>
{{if .IsAdmin}} {{if .IsAdmin}}
<div> <div>
<label for="field_perms">Perms:</label> <label for="field_perms">Perms:</label>
<input type="text" name="perms" id="field_perms" value="{{.Edit.Perms}}" size="100"/> <input type="text" name="perms" id="field_perms" value="{{.EditApp.Perms}}" size="100"/>
</div> </div>
{{end}} {{end}}
<div> <div>
<label for="field_public">Public: <input type="checkbox" name="public" id="field_public" {{if .Edit.Public}}checked{{end}}/></label> <label for="field_public">Public: <input type="checkbox" name="public" id="field_public" {{if .EditApp.Public}}checked{{end}}/></label>
</div> </div>
{{if .IsAdmin}} {{if .IsAdmin}}
<div> <div>
<label for="field_sso">SSO: <input type="checkbox" name="sso" id="field_sso" {{if .Edit.SSO}}checked{{end}}/></label> <label for="field_sso">SSO: <input type="checkbox" name="sso" id="field_sso" {{if .EditApp.SSO}}checked{{end}}/></label>
</div> </div>
{{end}} {{end}}
<div> <div>
<label for="field_active">Active: <input type="checkbox" name="active" id="field_active" {{if .Edit.Active}}checked{{end}}/></label> <label for="field_active">Active: <input type="checkbox" name="active" id="field_active" {{if .EditApp.Active}}checked{{end}}/></label>
</div> </div>
<button type="submit">Edit</button> <button type="submit">Edit</button>
</form> </form>
@ -101,7 +101,7 @@
<tbody> <tbody>
{{range .Apps}} {{range .Apps}}
<tr> <tr>
<td>{{.Sub}}</td> <td>{{.Subject}}</td>
<td>{{.Name}}</td> <td>{{.Name}}</td>
<td>{{.Domain}}</td> <td>{{.Domain}}</td>
<td>{{.Perms}}</td> <td>{{.Perms}}</td>
@ -111,13 +111,13 @@
<td> <td>
<form method="GET" action="/manage/apps"> <form method="GET" action="/manage/apps">
<input type="hidden" name="offset" value="{{$.Offset}}"/> <input type="hidden" name="offset" value="{{$.Offset}}"/>
<input type="hidden" name="edit" value="{{.Sub}}"/> <input type="hidden" name="edit" value="{{.Subject}}"/>
<button type="submit">Edit</button> <button type="submit">Edit</button>
</form> </form>
<form method="POST" action="/manage/apps?offset={{$.Offset}}"> <form method="POST" action="/manage/apps?offset={{$.Offset}}">
<input type="hidden" name="action" value="secret"/> <input type="hidden" name="action" value="secret"/>
<input type="hidden" name="offset" value="{{$.Offset}}"/> <input type="hidden" name="offset" value="{{$.Offset}}"/>
<input type="hidden" name="subject" value="{{.Sub}}"/> <input type="hidden" name="subject" value="{{.Subject}}"/>
<button type="submit">Reset Secret</button> <button type="submit">Reset Secret</button>
</form> </form>
</td> </td>
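Review bot: The edit form still reads `{{if .EditApp.SSO}}` although this commit renames the struct field to `Sso`, so if `EditApp` is a `ClientInfoDbOutput` the template would fail with an unknown-field error at that line. That checkbox decides whether a client skips the consent step, so a form that breaks or shows the wrong state there can lead to an unintended SSO setting being saved; `{{if .EditApp.Sso}}checked{{end}}` matches the new field name. Separately, none of the POST forms in the visible lines (edit, Reset Secret) carries an anti-CSRF token; if no middleware or SameSite cookie policy covers `/manage/apps`, a hidden token field verified by the handler is worth adding.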


@ -12,18 +12,18 @@
<button type="submit">Home</button> <button type="submit">Home</button>
</form> </form>
{{if .Edit}} {{if .EditUser}}
<h2>Edit User</h2> <h2>Edit User</h2>
<form method="POST" action="/manage/users"> <form method="POST" action="/manage/users">
<input type="hidden" name="action" value="edit"/> <input type="hidden" name="action" value="edit"/>
<input type="hidden" name="offset" value="{{.Offset}}"/> <input type="hidden" name="offset" value="{{.Offset}}"/>
<div> <div>
<label for="field_subject">Subject:</label> <label for="field_subject">Subject:</label>
<input type="text" name="subject" id="field_subject" value="{{.Edit.Sub}}" required/> <input type="text" name="subject" id="field_subject" value="{{.EditUser.Subject}}" required/>
</div> </div>
<div> <div>
<label for="field_roles">Roles:</label> <label for="field_roles">Roles:</label>
<input type="text" name="roles" id="field_roles" value="{{.Edit.Roles}}" size="100"/> <input type="text" name="roles" id="field_roles" value="{{.EditUser.Roles}}" size="100"/>
</div> </div>
<div> <div>
<label for="field_active">Active: <input type="checkbox" name="active" id="field_active" checked/></label> <label for="field_active">Active: <input type="checkbox" name="active" id="field_active" checked/></label>
@ -54,7 +54,7 @@
<tbody> <tbody>
{{range .Users}} {{range .Users}}
<tr> <tr>
<td>{{.Sub}}</td> <td>{{.Subject}}</td>
<th> <th>
{{if $.EmailShow}} {{if $.EmailShow}}
<span>{{.Email}}</span> <span>{{.Email}}</span>
@ -69,7 +69,7 @@
<td> <td>
<form method="GET" action="/manage/users"> <form method="GET" action="/manage/users">
<input type="hidden" name="offset" value="{{$.Offset}}"/> <input type="hidden" name="offset" value="{{$.Offset}}"/>
<input type="hidden" name="edit" value="{{.Sub}}"/> <input type="hidden" name="edit" value="{{.Subject}}"/>
<button type="submit">Edit</button> <button type="submit">Edit</button>
</form> </form>
<form method="POST" action="/reset-password"> <form method="POST" action="/reset-password">
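Review bot: The Active checkbox in the Edit User form is rendered with a hard-coded `checked` rather than the user's current state, so opening a deactivated account to change its roles and pressing Edit would re-enable it unless the admin remembers to untick the box. The apps template already reflects the stored value, and the same pattern fits here: `{{if .EditUser.Active}}checked{{end}}`. The form continues below the first hunk, so how the handler treats a missing `active` value is not visible.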


@ -9,7 +9,7 @@
{{template "header.go.html" .}} {{template "header.go.html" .}}
<main> <main>
<form method="POST" action="/authorize"> <form method="POST" action="/authorize">
<div>The application {{.AppName}} wants to access your account ({{.DisplayName}}). It requests the following permissions:</div> <div>The application {{.AppName}} wants to access your account ({{.Auth.UserInfo.name}}). It requests the following permissions:</div>
<div> <div>
<ul> <ul>
{{range .WantsList}} {{range .WantsList}}
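Review bot: The consent prompt now identifies the account with `{{.Auth.UserInfo.name}}`, which is only populated when the stored userinfo has a `name` entry. For an account without one, the sentence would show an empty or placeholder value and the user can no longer tell which account is being authorized. A fallback to a stable identifier keeps the prompt meaningful, for example wrapping the value in `{{with .Auth.UserInfo.name}}{{.}}{{else}}…{{end}}` with the subject or email in the else branch. The type of `UserInfo` is not visible in this commit, so this assumes a map-like value.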


@ -43,7 +43,7 @@ func generateIDToken(ti oauth2.TokenInfo, us *database.DB, key mjwt.Signer) (tok
return "", err return "", err
} }
token, err = key.GenerateJwt(user.Sub, "", jwt.ClaimStrings{ti.GetClientID()}, ti.GetAccessExpiresIn(), &IdTokenClaims{Subject: user.Sub}) token, err = key.GenerateJwt(user.Subject, "", jwt.ClaimStrings{ti.GetClientID()}, ti.GetAccessExpiresIn(), &IdTokenClaims{Subject: user.Subject})
return return
} }


@ -46,16 +46,18 @@ func (h *HttpServer) ManageAppsGet(rw http.ResponseWriter, req *http.Request, _
} }
if q.Has("edit") { if q.Has("edit") {
for _, i := range appList { for _, i := range appList {
if i.Sub == q.Get("edit") { if i.Subject == q.Get("edit") {
m["Edit"] = i m["EditApp"] = i
goto validEdit rw.Header().Set("Content-Type", "text/html")
rw.WriteHeader(http.StatusOK)
pages.RenderPageTemplate(rw, "manage-apps-edit", m)
return
} }
} }
http.Error(rw, "400 Bad Request: Invalid client app to edit", http.StatusBadRequest) http.Error(rw, "400 Bad Request: Invalid client app to edit", http.StatusBadRequest)
return return
} }
validEdit:
rw.Header().Set("Content-Type", "text/html") rw.Header().Set("Content-Type", "text/html")
rw.WriteHeader(http.StatusOK) rw.WriteHeader(http.StatusOK)
pages.RenderPageTemplate(rw, "manage-apps", m) pages.RenderPageTemplate(rw, "manage-apps", m)
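Review bot: Both the new edit branch and the list path call `rw.WriteHeader(http.StatusOK)` before `pages.RenderPageTemplate`, so a template execution error reaches the client as a 200 with a truncated page, and any error the renderer may return is not looked at. Rendering into a buffer first and writing the status only once that succeeds would let the handler answer with a 500 instead; the same applies to `ManageUsersGet`. The header/status/render triple now appears twice per handler and could move into one small helper that takes the template name, and the header would be more precise as `rw.Header().Set("Content-Type", "text/html; charset=utf-8")`. The handler starts above the hunk.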


@ -47,16 +47,18 @@ func (h *HttpServer) ManageUsersGet(rw http.ResponseWriter, req *http.Request, _
} }
if q.Has("edit") { if q.Has("edit") {
for _, i := range userList { for _, i := range userList {
if i.Sub == q.Get("edit") { if i.Subject == q.Get("edit") {
m["Edit"] = i m["EditUser"] = i
goto validEdit rw.Header().Set("Content-Type", "text/html")
rw.WriteHeader(http.StatusOK)
pages.RenderPageTemplate(rw, "manage-users-edit", m)
return
} }
} }
http.Error(rw, "400 Bad Request: Invalid user to edit", http.StatusBadRequest) http.Error(rw, "400 Bad Request: Invalid user to edit", http.StatusBadRequest)
return return
} }
validEdit:
rw.Header().Set("Content-Type", "text/html") rw.Header().Set("Content-Type", "text/html")
rw.WriteHeader(http.StatusOK) rw.WriteHeader(http.StatusOK)
pages.RenderPageTemplate(rw, "manage-users", m) pages.RenderPageTemplate(rw, "manage-users", m)