Record API SSO status (#568)

Added sso_verified flag to EveApiKeyPair Set sso_verified flag when user validates API key Allow users to SSO validate existing API keys
2025-07-15 23:40:17 +02:00 · 2016-11-01 23:22:15 -04:00 · 2016-11-01 23:22:15 -04:00 · 98e1689aab
commit 98e1689aab
parent e77c162fa0
4 changed files with 52 additions and 4 deletions
--- a/eveonline/migrations/0004_eveapikeypair_sso_verified.py
+++ b/eveonline/migrations/0004_eveapikeypair_sso_verified.py
@ -0,0 +1,20 @@
+# -*- coding: utf-8 -*-
+# Generated by Django 1.10.2 on 2016-11-01 04:20
+from __future__ import unicode_literals
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('eveonline', '0003_auto_20161026_0149'),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name='eveapikeypair',
+            name='sso_verified',
+            field=models.BooleanField(default=False),
+        ),
+    ]
--- a/eveonline/models.py
+++ b/eveonline/models.py
@ -25,6 +25,7 @@ class EveApiKeyPair(models.Model):
    api_id = models.CharField(max_length=254)
    api_key = models.CharField(max_length=254)
    user = models.ForeignKey(User, blank=True, null=True)
+    sso_verified = models.BooleanField(default=False)

    def __str__(self):
        return self.api_id
--- a/eveonline/views.py
+++ b/eveonline/views.py
@ -73,15 +73,20 @@ def add_api_key(request):
 def api_sso_validate(request, tokens, api_id):
    logger.debug('api_sso_validate called by user %s for api %s' % (request.user, api_id))
    api = get_object_or_404(EveApiKeyPair, api_id=api_id)
-    if api.user:
+    if api.user and api.user != request.user:
        logger.warning('User %s attempting to take ownership of api %s from %s' % (request.user, api_id, api.user))
        messages.warning(request, 'API %s already claimed by user %s' % (api_id, api.user))
        return redirect('auth_api_key_management')
+    elif api.sso_verified:
+        logger.debug('API %s has already been verified.' % api_id)
+        messages.info(request, 'API %s has already been verified' % api_id)
+        return redirect('auth_api_key_management')
    token = tokens[0]
-    logger.debug('API %s has no owner. Checking if token for %s matches.' % (api_id, token.character_name))
+    logger.debug('API %s has not been verified. Checking if token for %s matches.' % (api_id, token.character_name))
    characters = EveApiManager.get_characters_from_api(api.api_id, api.api_key).result
    if token.character_id in characters:
        api.user = request.user
+        api.sso_verified = True
        api.save()
        EveCharacter.objects.filter(character_id__in=characters).update(user=request.user, api_id=api_id)
        messages.success(request, 'Confirmed ownership of API %s' % api.api_id)
@ -92,12 +97,15 @@ def api_sso_validate(request, tokens, api_id):
    else:
        messages.warning(request, '%s not found on API %s. Please SSO as a character on the API.' % (token.character_name, api.api_id))
    return render(request, 'registered/apisso.html', context={'api':api})
-    
+

@login_required
 def api_key_management_view(request):
    logger.debug("api_key_management_view called by user %s" % request.user)
-    context = {'apikeypairs': EveManager.get_api_key_pairs(request.user.id)}
+    context = {
+        'apikeypairs': EveManager.get_api_key_pairs(request.user.id),
+        'api_sso_validation': settings.API_SSO_VALIDATION or False
+    }

    return render(request, 'registered/apikeymanagment.html', context=context)

--- a/stock/templates/registered/apikeymanagment.html
+++ b/stock/templates/registered/apikeymanagment.html
@ -20,11 +20,24 @@
                <table class="table">
                    <tr>
                        <th class="text-center">{% trans "API ID" %}</th>
+                        {% if api_sso_validation %}
+                        <th class="text-center">{% trans "SSO Verified" %}</th>
+                        {% endif %}
                        <th class="text-center">{% trans "Action" %}</th>
                    </tr>
                    {% for pair in apikeypairs %}
                        <tr>
                            <td class="text-center">{{ pair.api_id }}</td>
+                            {% if api_sso_validation %}
+                            <th class="text-center" style="font-size: 2em;">
+                                {% if pair.sso_verified %}
+                                <span class="glyphicon glyphicon-ok text-success" title="API key verified"></span>
+                                {% else %}
+                                <span class="glyphicon glyphicon-remove text-danger" title="API key not verified">
+                                </span>
+                                {% endif %}
+                            </th>
+                            {% endif %}
                            <td class="text-center">
                                <a href="{% url 'auth_user_refresh_api' pair.api_id %}" class="btn btn-success">
                                    <span class="glyphicon glyphicon-refresh"></span>
@ -32,6 +45,12 @@
                                <a href="{% url 'auth_api_key_removal' pair.api_id %}" class="btn btn-danger">
                                    <span class="glyphicon glyphicon-remove"></span>
                                </a>
+                                {% if api_sso_validation and not pair.sso_verified %}
+                                <a href="{% url 'auth_api_sso' pair.api_id %}" class="btn btn-info"
+                                   title="EVE SSO verify this key">
+                                    <i class="fa fa-shield" aria-hidden="true"></i>
+                                </a>
+                                {% endif %}
                            </td>
                        </tr>
                    {% endfor %}