You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@allura.apache.org by gc...@apache.org on 2021/12/22 18:36:41 UTC
[allura] branch gc/8405 created (now dad75f5)
This is an automated email from the ASF dual-hosted git repository.
gcruz pushed a change to branch gc/8405
in repository https://gitbox.apache.org/repos/asf/allura.git.
at dad75f5 8405 added last_access field to save the last access date for OAuth tokens
This branch includes the following new commits:
new dad75f5 8405 added last_access field to save the last access date for OAuth tokens
The 1 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.
[allura] 01/01: 8405 added last_access field to save the last access date for OAuth tokens
Posted by gc...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
gcruz pushed a commit to branch gc/8405
in repository https://gitbox.apache.org/repos/asf/allura.git
commit dad75f52a7b634e57c6c9a836065c7c4be10ec71
Author: Guillermo Cruz <gu...@slashdotmedia.com>
AuthorDate: Wed Dec 22 11:35:33 2021 -0700
8405 added last_access field to save the last access date for OAuth tokens
---
Allura/allura/controllers/rest.py | 3 +++
Allura/allura/model/oauth.py | 3 +++
Allura/allura/templates/oauth_applications.html | 3 +++
3 files changed, 9 insertions(+)
diff --git a/Allura/allura/controllers/rest.py b/Allura/allura/controllers/rest.py
index dbd9817..34f4118 100644
--- a/Allura/allura/controllers/rest.py
+++ b/Allura/allura/controllers/rest.py
@@ -43,6 +43,7 @@ from allura.lib.decorators import require_post
from allura.lib.project_create_helpers import make_newproject_schema, deserialize_project, create_project_with_attrs
from allura.lib.security import has_access
import six
+from datetime import datetime
log = logging.getLogger(__name__)
@@ -150,6 +151,7 @@ class OAuthNegotiator(object):
if not (access_token and access_token.is_bearer):
request.environ['tg.status_code_redirect'] = True
raise exc.HTTPUnauthorized
+ access_token.last_access = datetime.utcnow()
return access_token
req = oauth.Request.from_request(
request.method,
@@ -178,6 +180,7 @@ class OAuthNegotiator(object):
except oauth.Error as e:
log.error('Invalid signature %s %s', type(e), e)
raise exc.HTTPUnauthorized
+ access_token.last_access = datetime.utcnow()
return access_token
@expose()
diff --git a/Allura/allura/model/oauth.py b/Allura/allura/model/oauth.py
index cd585c5..479d52f 100644
--- a/Allura/allura/model/oauth.py
+++ b/Allura/allura/model/oauth.py
@@ -19,6 +19,8 @@ from __future__ import unicode_literals
from __future__ import absolute_import
import logging
import typing
+from datetime import datetime
+
import oauth2 as oauth
from tg import tmpl_context as c, app_globals as g
@@ -58,6 +60,7 @@ class OAuthToken(MappedClass):
type = FieldProperty(str)
api_key = FieldProperty(str, if_missing=lambda: h.nonce(20))
secret_key = FieldProperty(str, if_missing=h.cryptographic_nonce)
+ last_access = FieldProperty(datetime)
def to_string(self):
return oauth.Token(self.api_key, self.secret_key).to_string()
diff --git a/Allura/allura/templates/oauth_applications.html b/Allura/allura/templates/oauth_applications.html
index 7506975..9114f3d 100644
--- a/Allura/allura/templates/oauth_applications.html
+++ b/Allura/allura/templates/oauth_applications.html
@@ -90,6 +90,9 @@
<th>Bearer Token:</th><td>{{access_token.api_key}}</td>
</tr>
{% endif %}
+ <tr>
+ <th>Last Access:</th><td>{% if access_token.last_access %} {{ access_token.last_access.strftime('%a %b %d, %Y %I:%M %p UTC') }} {% endif %}</td>
+ </tr>
<tr class="controls">
<td colspan="2">
<form method="POST" action="revoke_access_token" class="revoke_access_token">