Mirrorlandia_minetest/contentdb
1
0
Fork 0
mirror of https://github.com/minetest/contentdb.git synced 2025-01-03 19:57:29 +01:00
Code Issues Packages Projects Releases Wiki Activity

OAuth2: Allow normal users to create clients (but unapproved)

Browse Source
This commit is contained in:
rubenwardy 2023-10-31 20:29:49 +00:00
parent fa389273ab
commit 047bf936b4
3 changed files with 8 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
app/flatpages/help/oauth.md
View File

@ -1,19 +1,22 @@
title: OAuth2 API
<p class="alert alert-warning">
The OAuth2 applications API is currently experimental and invite only.
The OAuth2 applications API is currently experimental, and may break without notice.
</p>
ContentDB allows you to create an OAuth2 Application and obtain access tokens
for users.
## Scopes
OAuth2 applications can currently only access public user data, using the whoami API.
## Create an OAuth2 Client
Go to Settings > [OAuth2 Applications](/user/apps/) > Create
Note: If you don't see this then you don't have access to OAuth2 yet.
## Obtaining access tokens
@ -97,8 +100,3 @@ Next, you should check the access token works by getting the user information:
curl https://content.minetest.net/api/whoami/ \
-H "Authorization: Bearer YOURTOKEN"
```
## Scopes
OAuth2 applications can currently only access public user data, using the whoami API.

7
app/models/users.py
View File

@ -250,16 +250,11 @@ class User(db.Model, UserMixin):
return user == self or (user.rank.at_least(UserRank.MODERATOR) and not self.rank.at_least(user.rank))
elif perm == Permission.CHANGE_DISPLAY_NAME:
return user.rank.at_least(UserRank.NEW_MEMBER if user == self else UserRank.MODERATOR)
elif perm == Permission.CREATE_TOKEN:
elif perm == Permission.CREATE_TOKEN or perm == Permission.CREATE_OAUTH_CLIENT:
if user == self:
return user.rank.at_least(UserRank.NEW_MEMBER)
else:
return user.rank.at_least(UserRank.MODERATOR) and user.rank.at_least(self.rank)
elif perm == Permission.CREATE_OAUTH_CLIENT:
if user == self:
return user.rank.at_least(UserRank.EDITOR)
else:
return user.rank.at_least(UserRank.MODERATOR) and user.rank.at_least(self.rank)
else:
raise Exception("Permission {} is not related to users".format(perm.name))

2
app/templates/oauth/authorize.html
View File

@ -10,7 +10,7 @@
{% block content %}
<form method="POST" action="" class="text-center">
<article class="card d-inline-block text-start">
<article class="card d-inline-block text-start" style="min-width: 33%;">
<div class="card-body">
<h1 class="card-title">{{ self.title() }}</h1>
<div class="row my-4 align-items-center">