fix double login bug with db constraint, only show new users as requestable, add flash messages
This commit is contained in:
parent
ad4e95f98c
commit
7ccb7b9150
9 changed files with 65 additions and 72 deletions
|
@ -88,6 +88,7 @@
|
|||
</div>
|
||||
</div>
|
||||
</nav>
|
||||
{% include "parts/flash.html" %}
|
||||
<section class="section">
|
||||
<div class="container">
|
||||
<div id="view">
|
||||
|
@ -145,7 +146,8 @@
|
|||
<div class="control">
|
||||
<div class="select">
|
||||
<select name="to_id" id="to_id">
|
||||
{% for user in other_users %}
|
||||
<option hidden disabled selected value> -- select an option -- </option>
|
||||
{% for user in non_requested_users %}
|
||||
<option value="{{user.id}}">{{user.name}}</option>
|
||||
{% endfor %}
|
||||
</select>
|
||||
|
|
16
resources/html/parts/flash.html
Normal file
16
resources/html/parts/flash.html
Normal file
|
@ -0,0 +1,16 @@
|
|||
{% if flash %}
|
||||
|
||||
<div class="section">
|
||||
<div class="container">
|
||||
|
||||
{% if flash.error %}
|
||||
<div class="notification is-danger">
|
||||
<button class="delete" onclick="removeThis(this);"></button>
|
||||
{{ flash.error }}
|
||||
</div>
|
||||
|
||||
{% endif %}
|
||||
</div>
|
||||
</div>
|
||||
|
||||
{% endif %}
|
|
@ -0,0 +1,3 @@
|
|||
ALTER TABLE users
|
||||
DROP INDEX UC_user;
|
||||
|
|
@ -0,0 +1,2 @@
|
|||
ALTER TABLE users
|
||||
ADD CONSTRAINT UC_user UNIQUE (zeusid);
|
|
@ -23,3 +23,7 @@ document.addEventListener('DOMContentLoaded', () => {
|
|||
}
|
||||
|
||||
});
|
||||
|
||||
function removeThis(ele) {
|
||||
ele.parentNode.remove();
|
||||
}
|
|
@ -62,7 +62,7 @@ WHERE id = :id
|
|||
|
||||
-- :name get-relation-requests-from-user :? :*
|
||||
-- :doc retrieves all relations requests that a user made
|
||||
SELECT rr.id as rr_id, rr.status, u_to.name as to_name FROM relation_requests as rr
|
||||
SELECT rr.id as rr_id, rr.status, u_to.name as to_name, u_to.id as to_id FROM relation_requests as rr
|
||||
JOIN users u_to on rr.to_id = u_to.id
|
||||
WHERE from_id = :from_id
|
||||
|
||||
|
|
|
@ -1,42 +0,0 @@
|
|||
(ns cat.oauth
|
||||
(:require [cat.config :refer [env]]
|
||||
[oauth.client :as oauth]
|
||||
[mount.core :refer [defstate]]
|
||||
[clojure.tools.logging :as log]))
|
||||
|
||||
(defstate consumer
|
||||
:start (oauth/make-consumer
|
||||
(env :oauth-consumer-key)
|
||||
(env :oauth-consumer-secret)
|
||||
(env :request-token-uri)
|
||||
(env :access-token-uri)
|
||||
(env :authorize-uri)
|
||||
:hmac-sha1))
|
||||
|
||||
(defn oauth-callback-uri
|
||||
"Generates the oauth request callback URI"
|
||||
[{:keys [headers]}]
|
||||
(let [callback-url (str "http://" (headers "host") "/oauth/oauth-callback")]
|
||||
(println "Generated callback url:" callback-url)
|
||||
callback-url))
|
||||
|
||||
(defn fetch-request-token
|
||||
"Fetches a request token."
|
||||
[request]
|
||||
(let [callback-uri (oauth-callback-uri request)]
|
||||
(log/info "Fetching request token using callback-uri" callback-uri)
|
||||
(log/info "Oauth consumer: " consumer)
|
||||
(oauth/request-token consumer callback-uri {:grant_type "authorization_code"})))
|
||||
|
||||
(defn fetch-access-token
|
||||
[request_token]
|
||||
(oauth/access-token consumer request_token (:oauth_verifier request_token)))
|
||||
|
||||
(defn auth-redirect-uri
|
||||
"Gets the URI the user should be redirected to when authenticating."
|
||||
([request]
|
||||
(auth-redirect-uri request ""))
|
||||
([request request-token]
|
||||
(str (oauth/user-approval-uri consumer request-token {:response_type "code"
|
||||
:client_id (env :oauth-consumer-key)
|
||||
:redirect_uri (oauth-callback-uri request)}))))
|
|
@ -38,13 +38,6 @@
|
|||
|
||||
(defroutes home-routes
|
||||
(GET "/" req
|
||||
(log/info "------")
|
||||
(log/info "key: " (env :oauth-consumer-key))
|
||||
(log/info "secret: " (env :oauth-consumer-secret))
|
||||
(log/info "host: " (env :app-host))
|
||||
(log/info "token: " (env :access-token-uri))
|
||||
(log/info "auth uri: " (env :authorize-uri))
|
||||
(log/info "------")
|
||||
(let [users (get-users)
|
||||
relations (get-relations)
|
||||
user (-> (get-in req [:session :user]))
|
||||
|
@ -58,18 +51,22 @@
|
|||
(seq (filter (fn [usr] (not (= (:id usr) (:id user))))
|
||||
users)))
|
||||
rel-requests-out (seq (db/get-relation-requests-from-user {:from_id (:id user)}))
|
||||
rel-requests-in (seq (db/get-relation-requests-to-user {:to_id (:id user)}))]
|
||||
rel-requests-in (seq (db/get-relation-requests-to-user {:to_id (:id user)}))
|
||||
non_requested_users (seq (filter (fn [other-user] (not (some (partial = (:id other-user)) (map :to_id rel-requests-out)))) other_users))]
|
||||
(log/info (str "Session: " (:session req)))
|
||||
;(log/info (str "Relation requests: \n OUTGOING: " rel-requests-out "\n INCOMING: " rel-requests-in))
|
||||
;(log/info (str "User relations: " user-relations))
|
||||
;(log/info (str "Other Users: " other_users))
|
||||
;(log/info (str "rel reqs out: " rel-requests-out))
|
||||
;(log/info (str "rel reqs out id: " (seq (map :to_id rel-requests-out))))
|
||||
(home-page {:relations relations
|
||||
:users users
|
||||
:user user
|
||||
:user-relations user-relations
|
||||
:other_users other_users
|
||||
:rel-requests-out rel-requests-out
|
||||
:rel-requests-in rel-requests-in})))
|
||||
:rel-requests-in rel-requests-in
|
||||
:non_requested_users non_requested_users
|
||||
:flash (:flash req)})))
|
||||
;(GET "/docs" []
|
||||
; (-> (response/ok (-> "docs/docs.md" io/resource slurp))
|
||||
; (response/header "Content-Type" "text/plain; charset=utf-8")))
|
||||
|
@ -119,17 +116,20 @@
|
|||
[err result] (st/validate data request_relation-schema)
|
||||
from-id (get-in req [:session :user :id])]
|
||||
(if (nil? from-id) (response/found (error-page
|
||||
{:status 400
|
||||
:title "No user id found in session"})))
|
||||
{:status 400
|
||||
:title "No user id found in session"})))
|
||||
(log/info "Post to " (:uri req) "\n with data " result)
|
||||
(if (nil? err)
|
||||
(do
|
||||
(log/debug "Create relation request")
|
||||
(db/create-relation-request! {:from_id from-id
|
||||
:to_id (:to_id result)
|
||||
:status "open"})
|
||||
(response/found "/"))
|
||||
(do
|
||||
(response/bad-request "Incorrect input")))))
|
||||
(log/debug "Relation request failed")
|
||||
(log/debug err)
|
||||
(response/unprocessable-entity "Incorrect input")))))
|
||||
|
||||
; TODO make bottom 2 admin protected
|
||||
(POST "/relations" req
|
||||
|
|
|
@ -5,7 +5,7 @@
|
|||
[cat.moauth :as mo]
|
||||
[cat.db.core :refer [*db*] :as db]))
|
||||
|
||||
(def admins #{10 ;flynn
|
||||
(def admins #{10 ;flynn
|
||||
})
|
||||
|
||||
(defn set-user! [user session redirect-url]
|
||||
|
@ -48,19 +48,27 @@
|
|||
(let [{:keys [access_token refresh_token]} (mo/get-authentication-response nil req_token)]
|
||||
(log/info "Successfully fetched access-id: " access_token)
|
||||
(log/info "Fetching user info")
|
||||
(let [user (mo/get-user-info access_token)]
|
||||
(log/info "User info: " user)
|
||||
(let [zeususer (db/get-zeus-user {:zeusid (:id user)})]
|
||||
(log/info "Zeus user from db: " zeususer)
|
||||
(if zeususer
|
||||
(set-user! zeususer session "/")
|
||||
(let [user-template {:name (:username user)
|
||||
:gender nil
|
||||
:zeusid (:id user)}
|
||||
generated-key (-> user-template
|
||||
(db/create-user!,,,))]
|
||||
(log/info "Created user: " generated-key)
|
||||
(set-user! (assoc user-template :id (:generated_key generated-key)) session "/"))))))))
|
||||
(let [fetched-user (mo/get-user-info access_token)]
|
||||
(log/info "Fetched user info: " fetched-user)
|
||||
(let [local-user (db/get-zeus-user {:zeusid (:id fetched-user)})]
|
||||
(log/info "Zeus user from db: " local-user)
|
||||
(if local-user
|
||||
(set-user! local-user session "/")
|
||||
(try
|
||||
(let [user-template {:name (:username fetched-user)
|
||||
:gender nil
|
||||
:zeusid (:id fetched-user)}
|
||||
generated-key (-> user-template
|
||||
(db/create-user!,,,))]
|
||||
(log/info "Created user: " generated-key)
|
||||
(set-user! (assoc user-template :id (:generated_key generated-key)) session "/"))
|
||||
(catch Exception e
|
||||
(do
|
||||
(log/warn "fetched user" fetched-user "already exists, but was not found")
|
||||
(log/warn (:cause (Throwable->map e)))
|
||||
(-> (found "/")
|
||||
(assoc :flash {:error "An error occurred, please try again."})))
|
||||
))))))))
|
||||
|
||||
;(catch [:status 401] _
|
||||
; (error-page {:status 401
|
||||
|
|
Loading…
Reference in a new issue