Added deleting and listing oauth2s

Tracker-Friendly 2024-04-02 16:57:19 +01:00
parent 01520680f9
commit e4f1926d72
2 changed files with 84 additions and 9 deletions

78
main

@ -360,6 +360,29 @@ async def apitokenexchange():
else: else:
return {}, 400 return {}, 400
@app.route("/api/deleteauth", methods=("GET", "POST"))
async def apideleteauth():
if request.method == "POST":
data = await request.get_json()
appId = data["appId"]
secretKey = data["secretKey"]
userCookie = get_session(secretKey)
user = get_user(userCookie["id"])
conn = get_db_connection()
try:
conn.execute("DELETE FROM oauth WHERE appId = ? AND creator = ?", (str(appId), str(user["id"]))
except:
return 400
else:
try:
conn.execute("DELETE FROM oauth WHERE appId = ? AND creator = ?", (str(appId), str(user["id"]))
except:
pass
else:
return 200
@app.route("/api/newauth", methods=("GET", "POST")) @app.route("/api/newauth", methods=("GET", "POST"))
async def apicreateauth(): async def apicreateauth():
if request.method == "POST": if request.method == "POST":
@ -396,6 +419,29 @@ async def apicreateauth():
} }
return secretkey, 200 return secretkey, 200
@app.route("/api/listauth", methods=("GET", "POST"))
async def apiauthlist():
if request.method == "POST":
data = await request.get_json()
secretKey = data["secretKey"]
userCookie = get_session(secretKey)
user = get_user(userCookie["id"])
conn = get_db_connection()
oauths = conn.execute("SELECT * FROM oauth WHERE creator = ? ORDER BY id DESC;", (user["id"],)).fetchall()
conn.close()
datatemplate = []
for i in oauths:
template = {
"appId": i["appId"]
}
datatemplate.append(template)
return datatemplate, 200
@app.route("/api/deleteaccount", methods=("GET", "POST")) @app.route("/api/deleteaccount", methods=("GET", "POST"))
async def apideleteaccount(): async def apideleteaccount():
if request.method == "POST": if request.method == "POST":
@ -406,12 +452,34 @@ async def apideleteaccount():
user = get_user(userCookie["id"]) user = get_user(userCookie["id"])
conn = get_db_connection() conn = get_db_connection()
conn.execute("DELETE FROM userdata WHERE creator = ?", (userCookie["id"],)) try:
conn.commit() conn.execute("DELETE FROM userdata WHERE creator = ?", (userCookie["id"],))
conn.close() except:
pass
else:
pass
try:
conn.execute("DELETE FROM logins WHERE creator = ?", (userCookie["id"],))
except:
pass
else:
pass
try:
conn.execute("DELETE FROM oauth WHERE creator = ?", (userCookie["id"],))
except:
pass
else:
pass
try:
conn.execute("DELETE FROM users WHERE id = ?", (userCookie["id"],))
except:
return {}, 400
else:
pass
conn = get_db_connection()
conn.execute("DELETE FROM users WHERE id = ?", (userCookie["id"],))
conn.commit() conn.commit()
conn.close() conn.close()
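Review bot: In `apideleteauth` the DELETE is never committed and the connection is never closed, so, assuming `get_db_connection()` needs the explicit `conn.commit()` that `apideleteaccount` uses, the OAuth app a user asks to revoke would stay in the `oauth` table. Both `conn.execute(...)` lines are also missing a closing parenthesis as shown, and `return 400` / `return 200` are bare integers where the neighbouring handlers return `{}, 400`. I would write `conn.execute("DELETE FROM oauth WHERE appId = ? AND creator = ?", (str(appId), str(user["id"])))`, follow it with `conn.commit()` and `conn.close()`, and return `{}, 200`. The bare `except:` blocks here and in the `apideleteaccount` hunk hide failures: in account deletion a failed delete on `logins` or `oauth` is swallowed, so those rows can outlive the user, and the `return {}, 400` path leaves the connection open. Indentation is lost on this page, so the pairing of the `else:` branches is inferred.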


@ -13,10 +13,17 @@
const urlParams = new URLSearchParams(window.location.search); const urlParams = new URLSearchParams(window.location.search);
// Get URL parameters // Get URL parameters
var client_id = urlParams.get('client_id'); if (urlParams.has('client_id')) {
var redirect_uri = urlParams.get('redirect_uri'); var client_id = urlParams.get('client_id');
var response_type = urlParams.get('response_type'); var redirect_uri = urlParams.get('redirect_uri');
var state = urlParams.get('state'); var response_type = urlParams.get('response_type');
} else {
window.location.replace("/dashboard");
}
if (urlParams.has('state')) {
var state = urlParams.get('state');
}
if (urlParams.has('code_challenge')) { if (urlParams.has('code_challenge')) {
code = urlParams.get('code_challenge'); code = urlParams.get('code_challenge');
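Review bot: `window.location.replace("/dashboard")` in the new `else` branch does not stop the script, so the code after it (the `state` and `code_challenge` handling, which continues outside the hunk) still runs with `client_id`, `redirect_uri` and `response_type` undefined until the navigation takes effect. Only `client_id` is tested with `has()`, so `redirect_uri` and `response_type` can still be `null` when `client_id` is present. I would test all three in the guard, `if (urlParams.has('client_id') && urlParams.has('redirect_uri') && urlParams.has('response_type')) {`, and make sure the later code does not run when they are missing. Whether the server checks `redirect_uri` against the registered app is not visible here and is worth confirming.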