big oauth improvements

2020-01-21 01:24:10 +01:00
parent d1dbbebffb
commit e0b3dd8d4a
18 changed files with 289 additions and 172 deletions
--- a/pages/Authorize.vue
+++ b/pages/Authorize.vue
@@ -1,37 +1,55 @@
 <template lang='pug'>
-    //- el-card.mt-5
-    //- div(slot='header')
-    //-   h4 <img src='/favicon.ico'/>   App authorization
-    div(v-if='client')
+  el-card.mt-5
+    h4(slot='header') <nuxt-link :to='"/"'><img src='/favicon.ico'/></nuxt-link> {{settings.title}} - {{$t('common.authorize')}}
+    div
      h5 <u>{{$auth.user.email}}</u>
-      p External application <b>{{client.name}}</b> want following permission grants:
+      p External application <code>{{client.name}}</code> want following permission grants:
      ul
-        li(v-for="scope in $route.query.scope.split(' ')") {{scope}}
-      span You will be redirected to <b>{{$route.query.redirect_uri}}</b>
+        li(v-for="s in scope.split(' ')") {{s}}
+      span(v-if='redirect_uri!=="urn:ietf:wg:oauth:2.0:oob"') You will be redirected to <code>{{$route.query.redirect_uri}}</code>
      el-row.mt-3(justify='center')
        el-col(:span='12' :offset='6' style='text-align: center')
          a(:href='authorizeURL')
            el-button.mr-1(plain type='success') {{$t('common.authorize')}}
-          a(to='/')
+          a(href='/')
            el-button.mt-1(plain type='warning') {{$t('common.cancel')}}
 </template>

 <script>
-import { mapActions, mapState } from 'vuex'
-import { Message } from 'element-ui'
-import get from 'lodash/get'
+import { mapState } from 'vuex'

 export default {
  layout: 'modal',
  name: 'Authorize',
  middleware: ['auth'],
-  async asyncData ({ $axios, query }) {
+  async asyncData ({ $axios, query, error, req }) {
+    const { client_id, redirect_uri, scope, response_type } = query
+    let err = ''
+    if (!client_id) {
+      err = 'client_id is missing'
+    }
+    if (!redirect_uri) {
+      err = 'redirect_uri is missing'
+    }
+    if (!scope || scope !== 'write') {
+      err = 'scope is missing or wrong'
+    }
+    if (!response_type || response_type !== 'code') {
+      err = 'response_type is missing or wrong'
+    }
+
    // retrieve client validity
    try {
-      const client = await $axios.$get(`/client/${query.client_id}`)
-      return { client }
+      const client = await $axios.$get(`/client/${client_id}`)
+      if (!client) {
+        err = 'client not found'
+      }
+      if (err) {
+        return error({ statusCode: 404, message: err })
+      }
+      return { client, redirect_uri, scope, response_type }
    } catch (e) {
-      console.error(e)
+      error({ statusCode: 400, message: 'Something goes wrong with OAuth authorization' })
    }
  },
  data () {
--- a/pages/Login.vue
+++ b/pages/Login.vue
@@ -5,10 +5,10 @@
      p(v-html="$t('login.description')")
      div(v-loading='loading')

-        el-input.mb-2(v-model='email' type='email' name='email' prefix-icon='el-icon-user'
+        el-input.mb-2(v-model='email' type='email' title='email' prefix-icon='el-icon-user'
          :placeholder='$t("common.email")' autocomplete='email' ref='email')

-        el-input.mb-1(v-model='password'  @keyup.enter.native="submit"
+        el-input.mb-1(v-model='password' @keyup.enter.native="submit"
          prefix-icon='el-icon-lock' name='password'
          type='password' :placeholder='$t("common.password")')

@@ -41,6 +41,9 @@ export default {
      return !this.email || !this.password
    }
  },
+  mounted () {
+    this.$refs.email.focus()
+  },
  methods: {
    ...mapActions(['login']),
    close () {
@@ -63,8 +66,8 @@ export default {
      try {
        this.loading = true
        await this.$auth.loginWith('local', { data: { email: this.email, password: this.password } })
-        const user = await this.$axios.$get('/auth/user')
-        this.$auth.setUser(user)
+        // const user = await this.$axios.$get('/auth/user')
+        // this.$auth.setUser(user)
        this.loading = false
        Message({ message: this.$t('login.ok'), showClose: true, type: 'success' })
        this.close()
--- a/pages/Register.vue
+++ b/pages/Register.vue
@@ -14,7 +14,6 @@

        el-input.mb-2(v-model='user.description' type="textarea" rows='3' :placeholder="$t('common.description')")

-      span(slot='footer')
        el-button(plain type="success" :disabled='disabled' @click='register') {{$t('common.send')}} <v-icon name='chevron-right'/>
 </template>

--- a/pages/add/_edit.vue
+++ b/pages/add/_edit.vue
@@ -1,5 +1,5 @@
 <template lang="pug">
-  el-main
+  el-main#edit_page
    h5.text-center {{edit?$t('common.edit_event'):$t('common.add_event')}}
    el-form(v-loading='loading')

@@ -18,10 +18,11 @@

      //- tags
      div {{$t('event.tag_description')}}
-      el-select.mb-3(v-model='event.tags' multiple filterable
-        @input.native='queryTags=$event.target.value' @change='queryTags=""'
-        allow-create default-first-option placeholder='Tag')
-        el-option(v-for='tag in filteredTags' :key='tag' :label='tag' :value='tag')
+      client-only
+        el-select.mb-3(v-model='event.tags' multiple filterable
+          @input.native='queryTags=$event.target.value' @change='queryTags=""'
+          allow-create default-first-option placeholder='Tag')
+          el-option(v-for='tag in filteredTags' :key='tag.tag' :label='tag.tag' :value='tag.tag')

      //- WHERE
      el-divider
@@ -69,8 +70,9 @@
          el-radio-button(v-for='whenPattern in whenPatterns' :label='whenPattern.key' :key='whenPatterns.key')
            span {{whenPattern.label}}

-      .text-center(inline)
-        el-form-item(:label="$t('event.from')")
+        //- form.el-form.text-center.inline.el-form-inline
+      .text-center
+        el-form-item(:label="$t('event.from')" width='100')
          el-time-select.mr-2(ref='time_start'
            v-model="time.start"
            :picker-options="{ start: '00:00', step: '00:30', end: '24:00'}")
@@ -79,7 +81,6 @@
            :picker-options="{start: '00:00', step: '00:30', end: '24:00'}")

      List(v-if='event.type==="normal" && todayEvents.length' :events='todayEvents' :title='$t("event.same_day")')
-      //- el-button.float-right(@click='next' type='succes' :disabled='!couldProceed') {{$t('common.next')}}

      //- MEDIA / FLYER / POSTER
      el-divider <v-icon name='image'/> {{$t('common.media')}}
@@ -114,18 +115,6 @@ export default {
  validate ({ store }) {
    return (store.state.auth.loggedIn || store.state.settings.allow_anon_event)
  },
-  // fetch ({ store, $axios }) {
-    // try {
-    // const now = new Date()
-    // const events = await $axios.$get(`/event/${now.getMonth()}/${now.getFullYear()}`)
-    // store.commit('setEvents', events)
-    // const { tags, places } = await $axios.$get('/event/meta')
-    // store.commit('update', { tags, places })
-    // } catch (e) {
-    // console.error('Error ', e)
-    // }
-  //   moment.locale(store.state.locale)
-  // },
  async asyncData ({ params, $axios, error, store }) {
    if (params.edit) {
      const data = { time: {}, event: { place: {} } }
@@ -267,8 +256,9 @@ export default {
    filteredTags () {
      const queryTags = this.queryTags.toLowerCase()
      return _(this.tags)
-        .filter(t => !this.event.tags.includes(t))
-        .filter(t => t.includes(queryTags))
+        .filter(t => !this.event.tags.includes(t.tag))
+        .filter(t => t.tag.includes(queryTags))
+        // .pick('tag')
        .take(5)
        .value()
    },
@@ -418,6 +408,10 @@ i {
  max-width: 600px;
 }

+#edit_page .el-form-item {
+    display: inline-flex;
+}
+
 .el-upload,
 .el-upload-dragger {
  overflow: hidden;
--- a/pages/embed/_event_id.vue
+++ b/pages/embed/_event_id.vue
@@ -61,28 +61,29 @@ export default {
 */
 </script>
 <style lang='less'>
-.embed_event{
-
-a {
-  transition: margin .1s;
-}
-
-a:hover {
-  transform: prospective(10) translateX(10);
-  margin-left: 5px;
-}
-
 .embed_event {
+  transition: margin .1s;
  background-image: url('/favicon.ico');
  background-repeat: no-repeat;
  background-position-x: right;
  background-position-y: bottom;
-  img {
-    width: 150px;
-    object-fit: cover;
-    object-position: top;
-    margin-right: 5px;
-    height: 100%;
+  background-color: #1f1f1f;
+
+  display: inline-block;
+  border: 1px solid #b1a3a3;
+  margin: 0px auto;
+  padding: 0px;
+  width: 400px;
+  height: 210px;
+  overflow: hidden;
+  border-radius: 10px;
+  // transition: all .2s;
+  margin: 0px;
+
+  &:hover {
+    transform: prospective(10) translateX(10);
+    margin-left: 5px;
+    text-decoration: none;
  }

  .event-info {
@@ -97,20 +98,13 @@ a:hover {
    }
  }

-  background-color: #1f1f1f;
-  display: inline-block;
-  border: 1px solid #b1a3a3;
-  margin: 0px auto;
-  padding: 0px;
-  width: 400px;
-  height: 210px;
-  overflow: hidden;
-  border-radius: 10px;
-  // transition: all .2s;
-  margin: 0px;
+  img {
+    width: 150px;
+    object-fit: cover;
+    object-position: top;
+    margin-right: 5px;
+    height: 100%;
+  }
+
 }
-}
-// .embed_event:hover {
-  // transform: scale(1.03);
-// }
-</style>
+</style>
--- a/pages/event/_id.vue
+++ b/pages/event/_id.vue
@@ -39,8 +39,7 @@
            el-menu-item(@click='showEmbed=true') <i class='el-icon-copy-document'></i> {{$t('common.embed')}}

            //- TODO (ics of recurrent events)
-            //- el-menu-item(v-if='!event.recurrent')
-            el-menu-item
+            el-menu-item(v-if='!event.recurrent')
              a(:href='`${settings.baseurl}/api/event/${event.id}.ics`') <i class='el-icon-date'></i> {{$t('common.add_to_calendar')}}
          EventAdmin(v-if='is_mine' :event='event')

@@ -96,7 +95,7 @@ export default {
        : event.start_datetime
      // const now = new Date()
      // const events = await $axios.$get(
-        // `/event/${now.getMonth()}/${now.getFullYear()}`
+      // `/event/${now.getMonth()}/${now.getFullYear()}`
      // )
      // store.commit('setEvents', events)
      return { event, id: Number(id) }
@@ -281,7 +280,7 @@ export default {
      await this.$axios.post('/instances/toggle_user_block', { user_id: resource.apUserApId })
      Message({ message: this.$t('admin.user_blocked', { user: resource.apUserApId }), type: 'success', showClose: true })
    },
-    async deleteResource (resource) {
+    deleteResource (resource) {
      MessageBox.confirm(this.$t('admin.delete_resource_confirm'),
        this.$t('common.confirm'), {
          confirmButtonText: this.$t('common.ok'),
--- a/pages/export.vue
+++ b/pages/export.vue
@@ -83,18 +83,18 @@ export default {
      }

      if (this.filters.places.length) {
-        params.push(`places=${this.filters.places}`)
+        params.push(`places=${this.filters.places.map(p => p.id)}`)
      }

      if (this.filters.tags.length) {
-        params.push(`tags=${this.filters.tags}`)
+        params.push(`tags=${this.filters.tags.map(t => t.id)}`)
      }

      return `<iframe style='border: 0px; width: 100%;' src="${this.settings.baseurl}/embed/list?${params.join('&')}"></iframe>`
    },
    link () {
-      const tags = this.filters.tags.join(',')
-      const places = this.filters.places.join(',')
+      const tags = this.filters.tags.map(t => t.id).join(',')
+      const places = this.filters.places.map(p => p.id).join(',')
      let query = ''
      if (tags || places) {
        query = '?'
--- a/pages/index.vue
+++ b/pages/index.vue
@@ -3,13 +3,12 @@
 </template>
 <script>
 import Home from '~/components/Home.vue'
-import Nav from '~/components/Nav.vue'
 import moment from 'moment-timezone'
 import { mapState } from 'vuex'

 export default {
  name: 'Index',
-  components: { Nav, Home },
+  components: { Home },
  fetch ({ store }) {
    moment.tz.setDefault(store.state.settings.instance_timezone)
  },