From aa2963c0c689a0c49e0ed44353b87599e74db765 Mon Sep 17 00:00:00 2001
From: ReAnzu <anzu@reanzu.com>
Date: Wed, 7 Mar 2018 19:50:40 -0600
Subject: [PATCH] Code and documentation cleanup

---
 API.md                                        | 36 ++++++++++++-------
 server/szurubooru/func/users.py               |  2 --
 .../a39c7f98a7fa_add_user_token_table.py      |  8 ++---
 server/szurubooru/model/__init__.py           |  2 +-
 .../szurubooru/tests/func/test_user_tokens.py | 18 +++++-----
 .../tests/middleware/test_authenticator.py    | 21 ++++++-----
 6 files changed, 51 insertions(+), 36 deletions(-)

diff --git a/API.md b/API.md
index ae2bb6b3..b28e4e37 100644
--- a/API.md
+++ b/API.md
@@ -1495,10 +1495,10 @@ data.
 
     Deletes existing user.
 
-## Listing tokens
+## Listing user tokens
 - **Request**
 
-    `GET /user-tokens/`
+    `GET /user-tokens/<user_name>`
 
 - **Output**
 
@@ -1513,15 +1513,19 @@ data.
 
     Searches for users tokens for the currently logged in user.
 
-## Creating token
+## Creating a user token
 - **Request**
 
-    `POST /user-token`
+    `POST /user-token/<user_name>`
 
 - **Input**
 
     ```json5
-    {}
+    {
+        "enabled":    <enabled>, // optional
+        "note":       <note>, // optional
+        "expiration": <expiration>, // optional
+    }
     ```
 
 - **Output**
@@ -1537,17 +1541,19 @@ data.
     Creates a new user token that can be used for authentication of api
     endpoints instead of a password.
     
-## Updating user
+## Updating a user token
 - **Request**
 
-    `PUT /user-token/<token>`
+    `PUT /user-token/<user_name>/<token>`
 
 - **Input**
 
     ```json5
     {
-        "version": <version>,
-        "enabled": <enabled>, // optional
+        "version":    <version>,
+        "enabled":    <enabled>, // optional
+        "note":       <note>, // optional
+        "expiration": <expiration>, // optional
     }
     ```
 
@@ -1567,15 +1573,17 @@ data.
     except the [`version`](#versioning) are optional - update concerns only 
     provided fields.
 
-## Deleting token
+## Deleting a user token
 - **Request**
 
-    `DELETE /user-token/<token>`
+    `DELETE /user-token/<user_name>/<token>`
 
 - **Input**
 
     ```json5
-    {}
+    {
+        "version":    <version>,
+    }
     ```
 
 - **Output**
@@ -1836,7 +1844,9 @@ A single user token.
 {
     "user":         <user>,
     "token":        <token>,
+    "note":         <token>,
     "enabled":      <enabled>,
+    "expiration":   <expiration>,
     "version":      <version>,
     "creationTime": <creation-time>,
     "lastEditTime": <last-edit-time>,
@@ -1846,7 +1856,9 @@ A single user token.
 **Field meaning**
 - `<user>`: micro user. See [micro user](#micro-user).
 - `<token>`: the token that can be used to authenticate the user.
+- `<note>`: a note that describes the token.
 - `<enabled>`: whether the token is still valid for authentication.
+- `<expiration>`: time when the token expires.
 - `<version>`: resource version. See [versioning](#versioning).
 - `<creation-time>`: time the user token was created , formatted as per RFC 3339.
 - `<last-edit-time>`: time the user token was edited, formatted as per RFC 3339.
diff --git a/server/szurubooru/func/users.py b/server/szurubooru/func/users.py
index c6b12d99..38c6a905 100644
--- a/server/szurubooru/func/users.py
+++ b/server/szurubooru/func/users.py
@@ -1,9 +1,7 @@
 from datetime import datetime
 from typing import Any, Optional, Union, List, Dict, Callable
-
 import re
 import sqlalchemy as sa
-
 from szurubooru import config, db, model, errors, rest
 from szurubooru.func import auth, util, serialization, files, images
 
diff --git a/server/szurubooru/migrations/versions/a39c7f98a7fa_add_user_token_table.py b/server/szurubooru/migrations/versions/a39c7f98a7fa_add_user_token_table.py
index ded7298d..f78fb24c 100644
--- a/server/szurubooru/migrations/versions/a39c7f98a7fa_add_user_token_table.py
+++ b/server/szurubooru/migrations/versions/a39c7f98a7fa_add_user_token_table.py
@@ -26,11 +26,11 @@ def upgrade():
                     sa.Column('creation_time', sa.DateTime(), nullable=False),
                     sa.Column('last_edit_time', sa.DateTime(), nullable=True),
                     sa.Column('version', sa.Integer(), nullable=False),
-                    sa.ForeignKeyConstraint(['user_id'], ['user.id'],
-                                            ondelete='CASCADE'),
+                    sa.ForeignKeyConstraint(
+                        ['user_id'], ['user.id'], ondelete='CASCADE'),
                     sa.PrimaryKeyConstraint('id'))
-    op.create_index(op.f('ix_user_token_user_id'), 'user_token',
-                    ['user_id'], unique=False)
+    op.create_index(
+        op.f('ix_user_token_user_id'), 'user_token', ['user_id'], unique=False)
 
 
 def downgrade():
diff --git a/server/szurubooru/model/__init__.py b/server/szurubooru/model/__init__.py
index 7f5009c7..4892b974 100644
--- a/server/szurubooru/model/__init__.py
+++ b/server/szurubooru/model/__init__.py
@@ -1,5 +1,5 @@
 from szurubooru.model.base import Base
-from szurubooru.model.user import (User, UserToken)
+from szurubooru.model.user import User, UserToken
 from szurubooru.model.tag_category import TagCategory
 from szurubooru.model.tag import Tag, TagName, TagSuggestion, TagImplication
 from szurubooru.model.post import (
diff --git a/server/szurubooru/tests/func/test_user_tokens.py b/server/szurubooru/tests/func/test_user_tokens.py
index bb71862a..5fba92db 100644
--- a/server/szurubooru/tests/func/test_user_tokens.py
+++ b/server/szurubooru/tests/func/test_user_tokens.py
@@ -12,14 +12,16 @@ def test_serialize_user_token(user_token_factory):
     with patch('szurubooru.func.users.get_avatar_url'):
         users.get_avatar_url.return_value = 'https://example.com/avatar.png'
         result = user_tokens.serialize_user_token(user_token, user_token.user)
-        assert result == {'creationTime': datetime(1997, 1, 1, 0, 0),
-                          'enabled': True,
-                          'lastEditTime': None,
-                          'token': 'dummy',
-                          'user': {
-                              'avatarUrl': 'https://example.com/avatar.png',
-                              'name': user_token.user.name},
-                          'version': 1}
+        assert result == {
+            'creationTime': datetime(1997, 1, 1, 0, 0),
+            'enabled': True,
+            'lastEditTime': None,
+            'token': 'dummy',
+            'user': {
+                'avatarUrl': 'https://example.com/avatar.png',
+                'name': user_token.user.name},
+            'version': 1
+        }
 
 
 def test_serialize_user_token_none():
diff --git a/server/szurubooru/tests/middleware/test_authenticator.py b/server/szurubooru/tests/middleware/test_authenticator.py
index 0d9120b7..05f9608f 100644
--- a/server/szurubooru/tests/middleware/test_authenticator.py
+++ b/server/szurubooru/tests/middleware/test_authenticator.py
@@ -14,9 +14,10 @@ def test_process_request_no_header(context_factory):
 
 def test_process_request_basic_auth_valid(context_factory, user_factory):
     user = user_factory()
-    ctx = context_factory(headers={
-        'Authorization': "Basic dGVzdFVzZXI6dGVzdFBhc3N3b3Jk"
-    })
+    ctx = context_factory(
+        headers={
+            'Authorization': "Basic dGVzdFVzZXI6dGVzdFBhc3N3b3Jk"
+        })
     with patch('szurubooru.func.auth.is_valid_password'), \
             patch('szurubooru.func.users.get_user_by_name'):
         users.get_user_by_name.return_value = user
@@ -27,9 +28,10 @@ def test_process_request_basic_auth_valid(context_factory, user_factory):
 
 def test_process_request_token_auth_valid(context_factory, user_token_factory):
     user_token = user_token_factory()
-    ctx = context_factory(headers={
-        'Authorization': "Token dGVzdFVzZXI6dGVzdFRva2Vu"
-    })
+    ctx = context_factory(
+        headers={
+            'Authorization': "Token dGVzdFVzZXI6dGVzdFRva2Vu"
+        })
     with patch('szurubooru.func.auth.is_valid_token'), \
             patch('szurubooru.func.users.get_user_by_name'), \
             patch('szurubooru.func.user_tokens.get_by_user_and_token'):
@@ -41,8 +43,9 @@ def test_process_request_token_auth_valid(context_factory, user_token_factory):
 
 
 def test_process_request_bad_header(context_factory):
-    ctx = context_factory(headers={
-        'Authorization': "Secret SuperSecretValue"
-    })
+    ctx = context_factory(
+        headers={
+            'Authorization': "Secret SuperSecretValue"
+        })
     with pytest.raises(errors.HttpBadRequest):
         authenticator.process_request(ctx)