~sircmpwn/meta.sr.ht

ref: 72548bd7545f78670878667674cc7645835a17bd meta.sr.ht/metasrht/templates/oauth-authorize.html -rw-r--r-- 2.4 KiB
72548bd7Drew DeVault API: Updates per core-go auth changes 1 year, 1 month ago
                                                                                
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
{% extends "layout.html" %}
{% block title %}
<title>Authorize account access - {{cfg("sr.ht", "site-name")}} meta</title>
{% endblock %}
{% block content %}
<form class="row" method="POST" action="/oauth/authorize">
  {{csrf_token()}}
  <section class="col-md-6">
    <h3>Authorize account access</h3>
    <p>
      <strong>{{client.client_name}}</strong> would like access to your
      {{cfg("sr.ht", "site-name")}} account.
      <strong>{{client.client_name}}</strong> is a third-party application
      operated by <strong>{{client.user.username}}</strong>. You may revoke
      this access at any time. They would like permission to access
      the following resources on your account:
    </p>
    {% macro render_access(scope) %}
      {% if scope.access == 'read' %}
      {% if str(scope) == 'profile:read' %}
      <input type="checkbox" name="{{scope}}" checked disabled />
      {% else %}
      <input type="checkbox" name="{{scope}}" checked />
      {% endif %}
      <strong>read</strong>
      {% elif scope.access == 'write' %}
      <input type="checkbox" name="{{scope}}" checked />
      <strong>read</strong> and <strong>write</strong>
      {% endif %}
    {% endmacro %}
    <ul>
    {% for scope in scopes %}
    <li>
      {% if not scope.client_id %}
      {{render_access(scope)}} access to your
      <strong>{{scope.friendly()}}</strong>
      {% else %}
      {{render_access(scope)}} access to your
      <strong>{{scope.friendly()}}</strong> on your
      <strong>{{scope.client.client_name}}</strong> account
      {% endif %}
    </li>
    {% endfor %}
    </ul>
    <p>
      By unchecking the relevant permissions, you may change how much access
      <strong>{{client.client_name}}</strong> will have. However, note that
      this may cause undesirable behavior in the third-party application.
    </p>
    <input type="hidden" name="client_id" value="{{ client.client_id }}" />
    {% if redirect_uri %}
    <input type="hidden" name="redirect_uri" value="{{ redirect_uri }}" />
    {% endif %}
    {% if state %}
    <input type="hidden" name="state" value="{{ state }}" />
    {% endif %}
    <button
      type="submit"
      name="accept"
      class="btn btn-danger"
    >Proceed and grant access</button>
    <button
      type="submit"
      name="reject"
      class="btn btn-default"
    >Cancel and do not grant access</button>
  </section>
</form>
{% endblock %}