From e4f1926d72da909fb10b81936651d53884765657 Mon Sep 17 00:00:00 2001
From: Tracker-Friendly
Date: Tue, 2 Apr 2024 16:57:19 +0100
Subject: [PATCH] Added deleting and listing oauth2s

---
 main | 78 ++++++++++++++++++++++++++++++++++++++++++---
 templates/main.html | 15 ++++++---
 2 files changed, 84 insertions(+), 9 deletions(-)

diff --git a/main b/main
index 8b03446..3fe4515 100644
--- a/main
+++ b/main
@@ -360,6 +360,29 @@ async def apitokenexchange():
 else:
 return {}, 400
+@app.route("/api/deleteauth", methods=("GET", "POST"))
+async def apideleteauth():
+ if request.method == "POST":
+ data = await request.get_json()
+ appId = data["appId"]
+ secretKey = data["secretKey"]
+
+ userCookie = get_session(secretKey)
+ user = get_user(userCookie["id"])
+
+ conn = get_db_connection()
+ try:
+ conn.execute("DELETE FROM oauth WHERE appId = ? AND creator = ?", (str(appId), str(user["id"]))
+ except:
+ return 400
+ else:
+ try:
+ conn.execute("DELETE FROM oauth WHERE appId = ? AND creator = ?", (str(appId), str(user["id"]))
+ except:
+ pass
+ else:
+ return 200
+
 @app.route("/api/newauth", methods=("GET", "POST"))
 async def apicreateauth():
 if request.method == "POST":
@@ -396,6 +419,29 @@ async def apicreateauth():
 }
 return secretkey, 200
+@app.route("/api/listauth", methods=("GET", "POST"))
+async def apiauthlist():
+ if request.method == "POST":
+ data = await request.get_json()
+ secretKey = data["secretKey"]
+
+ userCookie = get_session(secretKey)
+ user = get_user(userCookie["id"])
+
+ conn = get_db_connection()
+ oauths = conn.execute("SELECT * FROM oauth WHERE creator = ? ORDER BY id DESC;", (user["id"],)).fetchall()
+ conn.close()
+
+ datatemplate = []
+
+ for i in oauths:
+ template = {
+ "appId": i["appId"]
+ }
+ datatemplate.append(template)
+
+ return datatemplate, 200
+
 @app.route("/api/deleteaccount", methods=("GET", "POST"))
 async def apideleteaccount():
 if request.method == "POST":
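Review bot: In `apideleteauth`, both `conn.execute(...)` lines are missing the closing parenthesis of the call (`str(user["id"]))` closes only `str` and the tuple), so `main` will fail to parse and no route will load. The handler also never calls `conn.commit()` or `conn.close()`; going by the explicit commit in `apideleteaccount`, the DELETE would likely not persist, so a client could be told an OAuth app was removed while its registration stays live. `return 400` and `return 200` are bare integers rather than the `{}, 400` shape the neighbouring handlers use, and the second DELETE under `else:` either repeats the first or runs with `appId` and `user` unbound, depending on indentation this page has lost. A single DELETE that commits, checks `rowcount` and closes in `finally` covers all of it; the sketch assumes `get_db_connection()` returns a sqlite3-style connection.

```python
        # … unchanged: JSON parsing, get_session / get_user lookup …
        conn = get_db_connection()
        try:
            cur = conn.execute(
                "DELETE FROM oauth WHERE appId = ? AND creator = ?",
                (str(appId), str(user["id"])),
            )
            conn.commit()
        except Exception:
            return {}, 400
        finally:
            conn.close()

        # No row matched: the app does not exist or is owned by another user.
        if cur.rowcount == 0:
            return {}, 404
        return {}, 200
```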
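Review bot: `apiauthlist` runs `SELECT * FROM oauth` although only `appId` is returned, which loads every column of each row (presumably including the app secret that `apicreateauth` hands back) into the handler for no reason; `SELECT appId FROM oauth WHERE creator = ? ORDER BY id DESC` keeps that material out of reach of a later careless edit to `template`. The result of `get_session(secretKey)` is indexed without a check, so an unknown or expired key will probably surface as an unhandled exception rather than a 401, and a GET request falls through the `if` and returns nothing; `apideleteauth` has both problems too. `user["id"]` is passed as-is here but wrapped in `str()` in `apideleteauth`, so the two handlers should agree on the type stored in `creator`.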
@@ -406,12 +452,34 @@ async def apideleteaccount(): user = get_user(userCookie["id"]) conn = get_db_connection() - conn.execute("DELETE FROM userdata WHERE creator = ?", (userCookie["id"],)) - conn.commit() - conn.close() + try: + conn.execute("DELETE FROM userdata WHERE creator = ?", (userCookie["id"],)) + except: + pass + else: + pass + + try: + conn.execute("DELETE FROM logins WHERE creator = ?", (userCookie["id"],)) + except: + pass + else: + pass + + try: + conn.execute("DELETE FROM oauth WHERE creator = ?", (userCookie["id"],)) + except: + pass + else: + pass + + try: + conn.execute("DELETE FROM users WHERE id = ?", (userCookie["id"],)) + except: + return {}, 400 + else: + pass - conn = get_db_connection() - conn.execute("DELETE FROM users WHERE id = ?", (userCookie["id"],)) conn.commit() conn.close() diff --git a/templates/main.html b/templates/main.html index 295dbf4..3760317 100644 --- a/templates/main.html +++ b/templates/main.html @@ -13,10 +13,17 @@ const urlParams = new URLSearchParams(window.location.search); // Get URL parameters - var client_id = urlParams.get('client_id'); - var redirect_uri = urlParams.get('redirect_uri'); - var response_type = urlParams.get('response_type'); - var state = urlParams.get('state'); + if (urlParams.has('client_id')) { + var client_id = urlParams.get('client_id'); + var redirect_uri = urlParams.get('redirect_uri'); + var response_type = urlParams.get('response_type'); + } else { + window.location.replace("/dashboard"); + } + + if (urlParams.has('state')) { + var state = urlParams.get('state'); + } if (urlParams.has('code_challenge')) { code = urlParams.get('code_challenge');
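Review bot: The new `except: pass` around the `userdata`, `logins` and `oauth` deletes in `apideleteaccount` lets the `users` row be removed and committed even when one of those deletes failed, which would leave login or OAuth rows behind for an account that no longer exists. In the other direction, the `return {}, 400` on the `users` delete exits without `conn.rollback()` or `conn.close()`. Running the four statements as one transaction with a single handler gives all-or-nothing deletion, and the `else: pass` branches can simply go. The function starts above this hunk and continues below it, and the sketch assumes a sqlite3-style connection.

```python
        conn = get_db_connection()
        try:
            # … unchanged: the userdata, logins and oauth DELETE statements, without per-statement try/except …
            conn.execute("DELETE FROM users WHERE id = ?", (userCookie["id"],))
            # Commit only once every delete has succeeded.
            conn.commit()
        except Exception:
            conn.rollback()
            return {}, 400
        finally:
            conn.close()
```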
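Review bot: `window.location.replace("/dashboard")` in the new `else` branch does not stop the script, so the code below it still runs with `client_id`, `redirect_uri` and `response_type` undefined until the navigation happens; wrapping the rest of the OAuth flow in the `if`, or setting a flag that the later code checks, would avoid that. Only `client_id` is tested for presence, so a URL with `client_id` but no `redirect_uri` or `response_type` still enters the flow with `null` values. Moving `state` under `urlParams.has('state')` changes its absent value from `null` to `undefined`, which matters if later code compares against `null`; the original `var state = urlParams.get('state');` was already safe for a missing parameter. The script continues past the end of this hunk, so how these values are used is not visible here.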