fix double login bug with db constraint, only show new users as requestable, add flash messages
This commit is contained in:
parent
ad4e95f98c
commit
7ccb7b9150
9 changed files with 65 additions and 72 deletions
|
@ -88,6 +88,7 @@
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
</nav>
|
</nav>
|
||||||
|
{% include "parts/flash.html" %}
|
||||||
<section class="section">
|
<section class="section">
|
||||||
<div class="container">
|
<div class="container">
|
||||||
<div id="view">
|
<div id="view">
|
||||||
|
@ -145,7 +146,8 @@
|
||||||
<div class="control">
|
<div class="control">
|
||||||
<div class="select">
|
<div class="select">
|
||||||
<select name="to_id" id="to_id">
|
<select name="to_id" id="to_id">
|
||||||
{% for user in other_users %}
|
<option hidden disabled selected value> -- select an option -- </option>
|
||||||
|
{% for user in non_requested_users %}
|
||||||
<option value="{{user.id}}">{{user.name}}</option>
|
<option value="{{user.id}}">{{user.name}}</option>
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
</select>
|
</select>
|
||||||
|
|
16
resources/html/parts/flash.html
Normal file
16
resources/html/parts/flash.html
Normal file
|
@ -0,0 +1,16 @@
|
||||||
|
{% if flash %}
|
||||||
|
|
||||||
|
<div class="section">
|
||||||
|
<div class="container">
|
||||||
|
|
||||||
|
{% if flash.error %}
|
||||||
|
<div class="notification is-danger">
|
||||||
|
<button class="delete" onclick="removeThis(this);"></button>
|
||||||
|
{{ flash.error }}
|
||||||
|
</div>
|
||||||
|
|
||||||
|
{% endif %}
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
{% endif %}
|
|
@ -0,0 +1,3 @@
|
||||||
|
ALTER TABLE users
|
||||||
|
DROP INDEX UC_user;
|
||||||
|
|
|
@ -0,0 +1,2 @@
|
||||||
|
ALTER TABLE users
|
||||||
|
ADD CONSTRAINT UC_user UNIQUE (zeusid);
|
|
@ -23,3 +23,7 @@ document.addEventListener('DOMContentLoaded', () => {
|
||||||
}
|
}
|
||||||
|
|
||||||
});
|
});
|
||||||
|
|
||||||
|
function removeThis(ele) {
|
||||||
|
ele.parentNode.remove();
|
||||||
|
}
|
|
@ -62,7 +62,7 @@ WHERE id = :id
|
||||||
|
|
||||||
-- :name get-relation-requests-from-user :? :*
|
-- :name get-relation-requests-from-user :? :*
|
||||||
-- :doc retrieves all relations requests that a user made
|
-- :doc retrieves all relations requests that a user made
|
||||||
SELECT rr.id as rr_id, rr.status, u_to.name as to_name FROM relation_requests as rr
|
SELECT rr.id as rr_id, rr.status, u_to.name as to_name, u_to.id as to_id FROM relation_requests as rr
|
||||||
JOIN users u_to on rr.to_id = u_to.id
|
JOIN users u_to on rr.to_id = u_to.id
|
||||||
WHERE from_id = :from_id
|
WHERE from_id = :from_id
|
||||||
|
|
||||||
|
|
|
@ -1,42 +0,0 @@
|
||||||
(ns cat.oauth
|
|
||||||
(:require [cat.config :refer [env]]
|
|
||||||
[oauth.client :as oauth]
|
|
||||||
[mount.core :refer [defstate]]
|
|
||||||
[clojure.tools.logging :as log]))
|
|
||||||
|
|
||||||
(defstate consumer
|
|
||||||
:start (oauth/make-consumer
|
|
||||||
(env :oauth-consumer-key)
|
|
||||||
(env :oauth-consumer-secret)
|
|
||||||
(env :request-token-uri)
|
|
||||||
(env :access-token-uri)
|
|
||||||
(env :authorize-uri)
|
|
||||||
:hmac-sha1))
|
|
||||||
|
|
||||||
(defn oauth-callback-uri
|
|
||||||
"Generates the oauth request callback URI"
|
|
||||||
[{:keys [headers]}]
|
|
||||||
(let [callback-url (str "http://" (headers "host") "/oauth/oauth-callback")]
|
|
||||||
(println "Generated callback url:" callback-url)
|
|
||||||
callback-url))
|
|
||||||
|
|
||||||
(defn fetch-request-token
|
|
||||||
"Fetches a request token."
|
|
||||||
[request]
|
|
||||||
(let [callback-uri (oauth-callback-uri request)]
|
|
||||||
(log/info "Fetching request token using callback-uri" callback-uri)
|
|
||||||
(log/info "Oauth consumer: " consumer)
|
|
||||||
(oauth/request-token consumer callback-uri {:grant_type "authorization_code"})))
|
|
||||||
|
|
||||||
(defn fetch-access-token
|
|
||||||
[request_token]
|
|
||||||
(oauth/access-token consumer request_token (:oauth_verifier request_token)))
|
|
||||||
|
|
||||||
(defn auth-redirect-uri
|
|
||||||
"Gets the URI the user should be redirected to when authenticating."
|
|
||||||
([request]
|
|
||||||
(auth-redirect-uri request ""))
|
|
||||||
([request request-token]
|
|
||||||
(str (oauth/user-approval-uri consumer request-token {:response_type "code"
|
|
||||||
:client_id (env :oauth-consumer-key)
|
|
||||||
:redirect_uri (oauth-callback-uri request)}))))
|
|
|
@ -38,13 +38,6 @@
|
||||||
|
|
||||||
(defroutes home-routes
|
(defroutes home-routes
|
||||||
(GET "/" req
|
(GET "/" req
|
||||||
(log/info "------")
|
|
||||||
(log/info "key: " (env :oauth-consumer-key))
|
|
||||||
(log/info "secret: " (env :oauth-consumer-secret))
|
|
||||||
(log/info "host: " (env :app-host))
|
|
||||||
(log/info "token: " (env :access-token-uri))
|
|
||||||
(log/info "auth uri: " (env :authorize-uri))
|
|
||||||
(log/info "------")
|
|
||||||
(let [users (get-users)
|
(let [users (get-users)
|
||||||
relations (get-relations)
|
relations (get-relations)
|
||||||
user (-> (get-in req [:session :user]))
|
user (-> (get-in req [:session :user]))
|
||||||
|
@ -58,18 +51,22 @@
|
||||||
(seq (filter (fn [usr] (not (= (:id usr) (:id user))))
|
(seq (filter (fn [usr] (not (= (:id usr) (:id user))))
|
||||||
users)))
|
users)))
|
||||||
rel-requests-out (seq (db/get-relation-requests-from-user {:from_id (:id user)}))
|
rel-requests-out (seq (db/get-relation-requests-from-user {:from_id (:id user)}))
|
||||||
rel-requests-in (seq (db/get-relation-requests-to-user {:to_id (:id user)}))]
|
rel-requests-in (seq (db/get-relation-requests-to-user {:to_id (:id user)}))
|
||||||
|
non_requested_users (seq (filter (fn [other-user] (not (some (partial = (:id other-user)) (map :to_id rel-requests-out)))) other_users))]
|
||||||
(log/info (str "Session: " (:session req)))
|
(log/info (str "Session: " (:session req)))
|
||||||
;(log/info (str "Relation requests: \n OUTGOING: " rel-requests-out "\n INCOMING: " rel-requests-in))
|
;(log/info (str "Relation requests: \n OUTGOING: " rel-requests-out "\n INCOMING: " rel-requests-in))
|
||||||
;(log/info (str "User relations: " user-relations))
|
;(log/info (str "User relations: " user-relations))
|
||||||
;(log/info (str "Other Users: " other_users))
|
;(log/info (str "Other Users: " other_users))
|
||||||
|
;(log/info (str "rel reqs out: " rel-requests-out))
|
||||||
|
;(log/info (str "rel reqs out id: " (seq (map :to_id rel-requests-out))))
|
||||||
(home-page {:relations relations
|
(home-page {:relations relations
|
||||||
:users users
|
:users users
|
||||||
:user user
|
:user user
|
||||||
:user-relations user-relations
|
:user-relations user-relations
|
||||||
:other_users other_users
|
|
||||||
:rel-requests-out rel-requests-out
|
:rel-requests-out rel-requests-out
|
||||||
:rel-requests-in rel-requests-in})))
|
:rel-requests-in rel-requests-in
|
||||||
|
:non_requested_users non_requested_users
|
||||||
|
:flash (:flash req)})))
|
||||||
;(GET "/docs" []
|
;(GET "/docs" []
|
||||||
; (-> (response/ok (-> "docs/docs.md" io/resource slurp))
|
; (-> (response/ok (-> "docs/docs.md" io/resource slurp))
|
||||||
; (response/header "Content-Type" "text/plain; charset=utf-8")))
|
; (response/header "Content-Type" "text/plain; charset=utf-8")))
|
||||||
|
@ -124,12 +121,15 @@
|
||||||
(log/info "Post to " (:uri req) "\n with data " result)
|
(log/info "Post to " (:uri req) "\n with data " result)
|
||||||
(if (nil? err)
|
(if (nil? err)
|
||||||
(do
|
(do
|
||||||
|
(log/debug "Create relation request")
|
||||||
(db/create-relation-request! {:from_id from-id
|
(db/create-relation-request! {:from_id from-id
|
||||||
:to_id (:to_id result)
|
:to_id (:to_id result)
|
||||||
:status "open"})
|
:status "open"})
|
||||||
(response/found "/"))
|
(response/found "/"))
|
||||||
(do
|
(do
|
||||||
(response/bad-request "Incorrect input")))))
|
(log/debug "Relation request failed")
|
||||||
|
(log/debug err)
|
||||||
|
(response/unprocessable-entity "Incorrect input")))))
|
||||||
|
|
||||||
; TODO make bottom 2 admin protected
|
; TODO make bottom 2 admin protected
|
||||||
(POST "/relations" req
|
(POST "/relations" req
|
||||||
|
|
|
@ -48,19 +48,27 @@
|
||||||
(let [{:keys [access_token refresh_token]} (mo/get-authentication-response nil req_token)]
|
(let [{:keys [access_token refresh_token]} (mo/get-authentication-response nil req_token)]
|
||||||
(log/info "Successfully fetched access-id: " access_token)
|
(log/info "Successfully fetched access-id: " access_token)
|
||||||
(log/info "Fetching user info")
|
(log/info "Fetching user info")
|
||||||
(let [user (mo/get-user-info access_token)]
|
(let [fetched-user (mo/get-user-info access_token)]
|
||||||
(log/info "User info: " user)
|
(log/info "Fetched user info: " fetched-user)
|
||||||
(let [zeususer (db/get-zeus-user {:zeusid (:id user)})]
|
(let [local-user (db/get-zeus-user {:zeusid (:id fetched-user)})]
|
||||||
(log/info "Zeus user from db: " zeususer)
|
(log/info "Zeus user from db: " local-user)
|
||||||
(if zeususer
|
(if local-user
|
||||||
(set-user! zeususer session "/")
|
(set-user! local-user session "/")
|
||||||
(let [user-template {:name (:username user)
|
(try
|
||||||
|
(let [user-template {:name (:username fetched-user)
|
||||||
:gender nil
|
:gender nil
|
||||||
:zeusid (:id user)}
|
:zeusid (:id fetched-user)}
|
||||||
generated-key (-> user-template
|
generated-key (-> user-template
|
||||||
(db/create-user!,,,))]
|
(db/create-user!,,,))]
|
||||||
(log/info "Created user: " generated-key)
|
(log/info "Created user: " generated-key)
|
||||||
(set-user! (assoc user-template :id (:generated_key generated-key)) session "/"))))))))
|
(set-user! (assoc user-template :id (:generated_key generated-key)) session "/"))
|
||||||
|
(catch Exception e
|
||||||
|
(do
|
||||||
|
(log/warn "fetched user" fetched-user "already exists, but was not found")
|
||||||
|
(log/warn (:cause (Throwable->map e)))
|
||||||
|
(-> (found "/")
|
||||||
|
(assoc :flash {:error "An error occurred, please try again."})))
|
||||||
|
))))))))
|
||||||
|
|
||||||
;(catch [:status 401] _
|
;(catch [:status 401] _
|
||||||
; (error-page {:status 401
|
; (error-page {:status 401
|
||||||
|
|
Loading…
Reference in a new issue