Add a banner to the Quay UI when an app specific token is about to expire
This commit is contained in:
Joseph Schorr
parent
5b4f5f9859
commit
888b564a9b
9 changed files with 60 additions and 9 deletions
|
|
@ -1,19 +1,25 @@
|
|||
""" Manages app specific tokens for the current user. """
|
||||
|
||||
import logging
|
||||
import math
|
||||
|
||||
from datetime import timedelta
|
||||
from flask import request
|
||||
|
||||
import features
|
||||
|
||||
from app import app
|
||||
from auth.auth_context import get_authenticated_user
|
||||
from data import model
|
||||
from endpoints.api import (ApiResource, nickname, resource, validate_json_request,
|
||||
log_action, require_user_admin, require_fresh_login,
|
||||
path_param, NotFound, format_date, show_if)
|
||||
path_param, NotFound, format_date, show_if, query_param, parse_args,
|
||||
truthy_bool)
|
||||
from util.timedeltastring import convert_to_timedelta
|
||||
|
||||
logger = logging.getLogger(__name__)
|
||||
|
||||
|
||||
def token_view(token, include_code=False):
|
||||
data = {
|
||||
'uuid': token.uuid,
|
||||
|
|
@ -30,6 +36,11 @@ def token_view(token, include_code=False):
|
|||
|
||||
return data
|
||||
|
||||
|
||||
# The default window to use when looking up tokens that will be expiring.
|
||||
_DEFAULT_TOKEN_EXPIRATION_WINDOW = '4w'
|
||||
|
||||
|
||||
@resource('/v1/user/apptoken')
|
||||
@show_if(features.APP_SPECIFIC_TOKENS)
|
||||
class AppTokens(ApiResource):
|
||||
|
|
@ -51,11 +62,23 @@ class AppTokens(ApiResource):
|
|||
|
||||
@require_user_admin
|
||||
@nickname('listAppTokens')
|
||||
def get(self):
|
||||
@parse_args()
|
||||
@query_param('expiring', 'If true, only returns those tokens expiring soon', type=truthy_bool)
|
||||
def get(self, parsed_args):
|
||||
""" Lists the app specific tokens for the user. """
|
||||
tokens = model.appspecifictoken.list_tokens(get_authenticated_user())
|
||||
expiring = parsed_args['expiring']
|
||||
if expiring:
|
||||
expiration = app.config.get('APP_SPECIFIC_TOKEN_EXPIRATION')
|
||||
token_expiration = convert_to_timedelta(expiration or _DEFAULT_TOKEN_EXPIRATION_WINDOW)
|
||||
seconds = math.ceil(token_expiration.total_seconds() * 0.1) or 1
|
||||
soon = timedelta(seconds=seconds)
|
||||
tokens = model.appspecifictoken.get_expiring_tokens(get_authenticated_user(), soon)
|
||||
else:
|
||||
tokens = model.appspecifictoken.list_tokens(get_authenticated_user())
|
||||
|
||||
return {
|
||||
'tokens': [token_view(token, include_code=False) for token in tokens],
|
||||
'only_expiring': expiring,
|
||||
}
|
||||
|
||||
@require_user_admin
|
||||
|
|
|
|||
Reference in a new issue