~sircmpwn/meta.sr.ht

ref: 72548bd7545f78670878667674cc7645835a17bd meta.sr.ht/metasrht/blueprints/keys.py -rw-r--r-- 2.4 KiB
72548bd7Drew DeVault API: Updates per core-go auth changes 1 year, 1 month ago
                                                                                
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
from flask import Blueprint, render_template, request, redirect
from srht.graphql import exec_gql
from srht.oauth import current_user, loginrequired
from srht.validation import Validation

keys = Blueprint('keys', __name__)

@keys.route("/keys")
@loginrequired
def keys_GET():
    return render_template("keys.html")

@keys.route("/keys/ssh-keys", methods=["POST"])
@loginrequired
def ssh_keys_POST():
    valid = Validation(request)
    resp = exec_gql("meta.sr.ht", """
    mutation CreateSSHKey($key: String!) {
        createSSHKey(key: $key) { id }
    }
    """, valid=valid, key=valid.source.get("ssh-key", ""))
    if not valid.ok:
        # The GraphQL parameter is called key, but we call it ssh-key to
        # disambiguate from PGP keys, which are configured on the same page.
        for err in valid.errors:
            if err.field == "key":
                err.field = "ssh-key"
        return render_template("keys.html", **valid.kwargs), 400
    return redirect("/keys")

@keys.route("/keys/delete-ssh/<int:key_id>", methods=["POST"])
@loginrequired
def ssh_keys_delete(key_id):
    resp = exec_gql("meta.sr.ht", """
    mutation DeleteSSHKey($key: Int!) {
        deleteSSHKey(id: $key) { id }
    }
    """, key=key_id)
    return redirect("/keys")

@keys.route("/keys/pgp-keys", methods=["POST"])
@loginrequired
def pgp_keys_POST():
    valid = Validation(request)
    resp = exec_gql("meta.sr.ht", """
    mutation CreatePGPKey($key: String!) {
        createPGPKey(key: $key) { id }
    }
    """, valid=valid, key=valid.source.get("pgp-key", ""))
    if not valid.ok:
        # The GraphQL parameter is called key, but we call it pgp-key to
        # disambiguate from SSH keys, which are configured on the same page.
        for err in valid.errors:
            if err.field == "key":
                err.field = "pgp-key"
        return render_template("keys.html", **valid.kwargs), 400
    return redirect("/keys")

@keys.route("/keys/delete-pgp/<int:key_id>", methods=["POST"])
@loginrequired
def pgp_keys_delete(key_id):
    # TODO: Move this logic into GQL
    if key_id == current_user.pgp_key_id:
        return render_template("keys.html",
                current_user=user, tried_to_delete_key_in_use=True), 400
    resp = exec_gql("meta.sr.ht", """
    mutation DeletePGPKey($key: Int!) {
        deletePGPKey(id: $key) { id }
    }
    """, key=key_id)
    return redirect("/keys")