Itmens/lib.itmens
Itmens/lib.itmens
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 3

disallow apps to access sensitive ui with token

Browse source
This commit is contained in:
Your Name 2023-06-28 08:11:36 -04:00 committed by Henri Dickson
parent d27cf87496
commit 751eb0f189
1 changed files with 4 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
users/account.py
View file

@ -179,6 +179,8 @@ def logout(request):
@mastodon_request_included
@login_required
def reconnect(request):
if request.META.get("HTTP_AUTHORIZATION"):
raise BadRequest("Only for web login")
if request.method == "POST":
request.session["swap_login"] = True
request.session["swap_domain"] = request.POST["domain"]
@ -258,6 +260,8 @@ def auth_logout(request):
@login_required
def clear_data(request):
if request.META.get("HTTP_AUTHORIZATION"):
raise BadRequest("Only for web login")
if request.method == "POST":
if request.POST.get("verification") == request.user.mastodon_username:
remove_data_by_user(request.user)