added /delete_key
This commit is contained in:
parent
4309d65c85
commit
b24061fb05
24
buckler.py
24
buckler.py
|
@ -312,6 +312,30 @@ async def set_session(request):
|
|||
return web.json_response(error)
|
||||
|
||||
|
||||
@routes.post(config.url_prefix + '/delete_key', name='delete_key')
|
||||
@auth.auth_required
|
||||
async def delete_key(request):
|
||||
"""Allows a user to delete a security key."""
|
||||
data = await request.post()
|
||||
async with request.app['pool'].acquire() as conn:
|
||||
for key, value in data.items():
|
||||
key_id = key.replace('fido-', '')
|
||||
if not key_id:
|
||||
continue
|
||||
try:
|
||||
key_id = int(key_id)
|
||||
except ValueError:
|
||||
continue
|
||||
if value != 'on':
|
||||
continue
|
||||
await conn.execute(
|
||||
"DELETE FROM user_credential "
|
||||
"WHERE id = $1 AND user_id = $2",
|
||||
key_id, request['session']['id'])
|
||||
index_url = request.app.router['index'].url_for()
|
||||
raise web.HTTPFound(location=index_url)
|
||||
|
||||
|
||||
async def init_app():
|
||||
"""Initializes the application."""
|
||||
app = web.Application()
|
||||
|
|
|
@ -78,22 +78,25 @@
|
|||
<article style="display: none;">
|
||||
<hr>
|
||||
{% if fido2_keys %}
|
||||
<table id="security_keys">
|
||||
<thead>
|
||||
<tr>
|
||||
<th>Nick</th>
|
||||
<th>Delete</th>
|
||||
</tr>
|
||||
</thead>
|
||||
<tbody>
|
||||
{% for key in fido2_keys %}
|
||||
<tr>
|
||||
<td>{{ key['nick'] }}</td>
|
||||
<td><input aria-label="Delete {{ key['nick'] }}" id="fido-{{ key['id'] }}" name="fido-{{ key['id'] }}" type="checkbox"></td>
|
||||
</tr>
|
||||
{% endfor %}
|
||||
</tbody>
|
||||
</table>
|
||||
<form action="{{ request.app.router['delete_key'].url_for() }}" method="POST" enctype="application/x-www-form-urlencoded">
|
||||
<table id="security_keys">
|
||||
<thead>
|
||||
<tr>
|
||||
<th>Nick</th>
|
||||
<th>Delete</th>
|
||||
</tr>
|
||||
</thead>
|
||||
<tbody>
|
||||
{% for key in fido2_keys %}
|
||||
<tr>
|
||||
<td>{{ key['nick'] }}</td>
|
||||
<td><input aria-label="Delete {{ key['nick'] }}" id="fido-{{ key['id'] }}" name="fido-{{ key['id'] }}" type="checkbox"></td>
|
||||
</tr>
|
||||
{% endfor %}
|
||||
</tbody>
|
||||
</table>
|
||||
<input type="submit" value="Delete">
|
||||
</form>
|
||||
{% else %}
|
||||
<span>No registered keys.</span>
|
||||
{% endif %}
|
||||
|
|
Loading…
Reference in New Issue
Block a user