Code and documentation cleanup

2018-03-07 19:50:40 -06:00 · 2018-03-07 19:50:40 -06:00 · aa2963c0c6
commit aa2963c0c6
parent fd9c224c06
6 changed files with 51 additions and 36 deletions
--- a/API.md
+++ b/API.md
@ -1495,10 +1495,10 @@ data.

    Deletes existing user.

-## Listing tokens
+## Listing user tokens
 - **Request**

-    `GET /user-tokens/`
+    `GET /user-tokens/<user_name>`

 - **Output**

@ -1513,15 +1513,19 @@ data.

    Searches for users tokens for the currently logged in user.

-## Creating token
+## Creating a user token
 - **Request**

-    `POST /user-token`
+    `POST /user-token/<user_name>`

 - **Input**

    ```json5
-    {}
+    {
+        "enabled":    <enabled>, // optional
+        "note":       <note>, // optional
+        "expiration": <expiration>, // optional
+    }
    ```

 - **Output**
@ -1537,17 +1541,19 @@ data.
    Creates a new user token that can be used for authentication of api
    endpoints instead of a password.
    
-## Updating user
+## Updating a user token
 - **Request**

-    `PUT /user-token/<token>`
+    `PUT /user-token/<user_name>/<token>`

 - **Input**

    ```json5
    {
-        "version": <version>,
-        "enabled": <enabled>, // optional
+        "version":    <version>,
+        "enabled":    <enabled>, // optional
+        "note":       <note>, // optional
+        "expiration": <expiration>, // optional
    }
    ```

@ -1567,15 +1573,17 @@ data.
    except the [`version`](#versioning) are optional - update concerns only 
    provided fields.

-## Deleting token
+## Deleting a user token
 - **Request**

-    `DELETE /user-token/<token>`
+    `DELETE /user-token/<user_name>/<token>`

 - **Input**

    ```json5
-    {}
+    {
+        "version":    <version>,
+    }
    ```

 - **Output**
@ -1836,7 +1844,9 @@ A single user token.
 {
    "user":         <user>,
    "token":        <token>,
+    "note":         <token>,
    "enabled":      <enabled>,
+    "expiration":   <expiration>,
    "version":      <version>,
    "creationTime": <creation-time>,
    "lastEditTime": <last-edit-time>,
@ -1846,7 +1856,9 @@ A single user token.
 **Field meaning**
 - `<user>`: micro user. See [micro user](#micro-user).
 - `<token>`: the token that can be used to authenticate the user.
+- `<note>`: a note that describes the token.
 - `<enabled>`: whether the token is still valid for authentication.
+- `<expiration>`: time when the token expires.
 - `<version>`: resource version. See [versioning](#versioning).
 - `<creation-time>`: time the user token was created , formatted as per RFC 3339.
 - `<last-edit-time>`: time the user token was edited, formatted as per RFC 3339.
--- a/server/szurubooru/func/users.py
+++ b/server/szurubooru/func/users.py
@ -1,9 +1,7 @@
 from datetime import datetime
 from typing import Any, Optional, Union, List, Dict, Callable
-
 import re
 import sqlalchemy as sa
-
 from szurubooru import config, db, model, errors, rest
 from szurubooru.func import auth, util, serialization, files, images

--- a/server/szurubooru/migrations/versions/a39c7f98a7fa_add_user_token_table.py
+++ b/server/szurubooru/migrations/versions/a39c7f98a7fa_add_user_token_table.py
@ -26,11 +26,11 @@ def upgrade():
                    sa.Column('creation_time', sa.DateTime(), nullable=False),
                    sa.Column('last_edit_time', sa.DateTime(), nullable=True),
                    sa.Column('version', sa.Integer(), nullable=False),
-                    sa.ForeignKeyConstraint(['user_id'], ['user.id'],
-                                            ondelete='CASCADE'),
+                    sa.ForeignKeyConstraint(
+                        ['user_id'], ['user.id'], ondelete='CASCADE'),
                    sa.PrimaryKeyConstraint('id'))
-    op.create_index(op.f('ix_user_token_user_id'), 'user_token',
-                    ['user_id'], unique=False)
+    op.create_index(
+        op.f('ix_user_token_user_id'), 'user_token', ['user_id'], unique=False)


 def downgrade():
--- a/server/szurubooru/model/init.py
+++ b/server/szurubooru/model/init.py
@ -1,5 +1,5 @@
 from szurubooru.model.base import Base
-from szurubooru.model.user import (User, UserToken)
+from szurubooru.model.user import User, UserToken
 from szurubooru.model.tag_category import TagCategory
 from szurubooru.model.tag import Tag, TagName, TagSuggestion, TagImplication
 from szurubooru.model.post import (
--- a/server/szurubooru/tests/func/test_user_tokens.py
+++ b/server/szurubooru/tests/func/test_user_tokens.py
@ -12,14 +12,16 @@ def test_serialize_user_token(user_token_factory):
    with patch('szurubooru.func.users.get_avatar_url'):
        users.get_avatar_url.return_value = 'https://example.com/avatar.png'
        result = user_tokens.serialize_user_token(user_token, user_token.user)
-        assert result == {'creationTime': datetime(1997, 1, 1, 0, 0),
-                          'enabled': True,
-                          'lastEditTime': None,
-                          'token': 'dummy',
-                          'user': {
-                              'avatarUrl': 'https://example.com/avatar.png',
-                              'name': user_token.user.name},
-                          'version': 1}
+        assert result == {
+            'creationTime': datetime(1997, 1, 1, 0, 0),
+            'enabled': True,
+            'lastEditTime': None,
+            'token': 'dummy',
+            'user': {
+                'avatarUrl': 'https://example.com/avatar.png',
+                'name': user_token.user.name},
+            'version': 1
+        }


 def test_serialize_user_token_none():
--- a/server/szurubooru/tests/middleware/test_authenticator.py
+++ b/server/szurubooru/tests/middleware/test_authenticator.py
@ -14,9 +14,10 @@ def test_process_request_no_header(context_factory):

 def test_process_request_basic_auth_valid(context_factory, user_factory):
    user = user_factory()
-    ctx = context_factory(headers={
-        'Authorization': "Basic dGVzdFVzZXI6dGVzdFBhc3N3b3Jk"
-    })
+    ctx = context_factory(
+        headers={
+            'Authorization': "Basic dGVzdFVzZXI6dGVzdFBhc3N3b3Jk"
+        })
    with patch('szurubooru.func.auth.is_valid_password'), \
            patch('szurubooru.func.users.get_user_by_name'):
        users.get_user_by_name.return_value = user
@ -27,9 +28,10 @@ def test_process_request_basic_auth_valid(context_factory, user_factory):

 def test_process_request_token_auth_valid(context_factory, user_token_factory):
    user_token = user_token_factory()
-    ctx = context_factory(headers={
-        'Authorization': "Token dGVzdFVzZXI6dGVzdFRva2Vu"
-    })
+    ctx = context_factory(
+        headers={
+            'Authorization': "Token dGVzdFVzZXI6dGVzdFRva2Vu"
+        })
    with patch('szurubooru.func.auth.is_valid_token'), \
            patch('szurubooru.func.users.get_user_by_name'), \
            patch('szurubooru.func.user_tokens.get_by_user_and_token'):
@ -41,8 +43,9 @@ def test_process_request_token_auth_valid(context_factory, user_token_factory):


 def test_process_request_bad_header(context_factory):
-    ctx = context_factory(headers={
-        'Authorization': "Secret SuperSecretValue"
-    })
+    ctx = context_factory(
+        headers={
+            'Authorization': "Secret SuperSecretValue"
+        })
    with pytest.raises(errors.HttpBadRequest):
        authenticator.process_request(ctx)