Auth Tokens: a UI

2026-03-10 08:01:17 +00:00 · 2025-04-14 10:35:22 +02:00
parent 4bbfe1a4ff
commit f56e3c647a
5 changed files with 130 additions and 0 deletions
--- a/bsmain/templates/bsmain/auth_token_list.html
+++ b/bsmain/templates/bsmain/auth_token_list.html
@@ -0,0 +1,80 @@
 {% extends "base.html" %}
 {% load static %}
 {% block title %}Auth Tokens · {{ site_title }}{% endblock %}
 {% block content %}
 <div class="flex items-center justify-center">
    <div class="m-4 max-w-4xl flex-auto">
        {% if messages %}
        <ul class="mb-4">
            {% for message in messages %}
                {# if we introduce different levels we can use{% message.level == DEFAULT_MESSAGE_LEVELS.SUCCESS %} #}
                <li class="bg-cyan-50 border-2 border-cyan-800 p-4 rounded-lg">{{ message }}</li>
            {% endfor %}
        </ul>
        {% endif %}
        <div class="flex">
            <h1 class="text-4xl mt-4 font-bold">Auth Tokens</h1>
            <div class="ml-auto mt-6">
                <form action="{% url "auth_token_create" %}" method="post">
                {% csrf_token %} {# margins display slightly different from the <a href version that I have for e.g. project memembers, but I don't care _that_ much #}
                    <button class="font-bold text-slate-800 border-slate-500 pl-4 pr-4 pb-2 pt-2 ml-1 border-2 bg-cyan-200 hover:bg-cyan-400 active:ring rounded-md">Add Token</button>
                </form>
            </div> 
        </div>
        <div>
          <form action="." method="post">
          {% csrf_token %}
          <table class="w-full mt-8">
          <tbody>
                <thead>
                <tr class="bg-slate-200">
                    <th class="w-full p-4 text-left text-xl" colspan="2">Auth Tokens</th>
                </tr>
                {% for auth_token in auth_tokens %}
                <tr class="bg-white border-slate-200 border-b-2">
                <td class="w-full p-4">
                    <div>
                        {{ auth_token.token }}
                    </div>
                </td>
                <td class="p-4">
                    <div class="flex justify-end">
                        <button name="action" value="delete:{{ auth_token.id }}" class="font-bold text-slate-500 border-slate-300 pl-4 pr-4 pb-2 pt-2 ml-2 border-2 hover:bg-slate-200 active:ring rounded-md">Delete</button>
                    </div> 
                </td>
                </tr>
                {% empty %}
                <tr class="bg-white border-slate-200 border-b-2">
                <td class="w-full p-4">
                    <div>
                        No Auth Tokens.
                    </div>
                </td>
                <td class="p-4">
                </td>
                </tr>
                {% endfor %}
            </tbody>
            </table>
            </form>
        </div>
 </div>
 {% endblock %}
--- a/bsmain/urls.py
+++ b/bsmain/urls.py
@@ -0,0 +1,9 @@
 from django.urls import path
 from .views import auth_token_list, auth_token_create
 urlpatterns = [
    path('auth_tokens/', auth_token_list, name='auth_token_list'),
    path('auth_tokens/create/', auth_token_create, name='auth_token_create'),
 ]
--- a/bsmain/views.py
+++ b/bsmain/views.py
@@ -0,0 +1,39 @@
 from django.shortcuts import render, redirect
 from django.http import Http404
 from django.contrib import messages
 from django.contrib.auth.decorators import user_passes_test
 from bugsink.decorators import atomic_for_request_method
 from .models import AuthToken
@atomic_for_request_method
@user_passes_test(lambda u: u.is_superuser)
 def auth_token_list(request):
    auth_tokens = AuthToken.objects.all()
    if request.method == 'POST':
        # DIT KOMT ZO WEL
        full_action_str = request.POST.get('action')
        action, pk = full_action_str.split(":", 1)
        if action == "delete":
            AuthToken.objects.get(pk=pk).delete()
            messages.success(request, 'Token deleted')
            return redirect('auth_token_list')
    return render(request, 'bsmain/auth_token_list.html', {
        'auth_tokens': auth_tokens,
    })
@atomic_for_request_method
@user_passes_test(lambda u: u.is_superuser)
 def auth_token_create(request):
    if request.method != 'POST':
        raise Http404("Invalid request method")
    AuthToken.objects.create()
    return redirect("auth_token_list")
--- a/bugsink/urls.py
+++ b/bugsink/urls.py
@@ -56,6 +56,7 @@ urlpatterns = [
    path('events/', include('events.urls')),
    path('issues/', include('issues.urls')),
    path('files/', include('files.urls')),
    path('bsmain/', include('bsmain.urls')),
    path('admin/', admin.site.urls),
--- a/theme/templates/base.html
+++ b/theme/templates/base.html
@@ -33,6 +33,7 @@
                {% if user.is_superuser %}
                <a href="/users/"><div class="px-4 py-2 my-2 hover:bg-slate-300 rounded-xl">Users</div></a>
                <a href="/bsmain/auth_tokens/"><div class="px-4 py-2 my-2 hover:bg-slate-300 rounded-xl">Tokens</div></a>
                {% endif %}
                {% if logged_in_user.is_anonymous %}