do not display avatar_url to user

2024-09-27 20:31:30 +02:00 · 2019-07-11 19:48:22 +02:00 · 2019-07-11 19:48:22 +02:00 · 91bf3e3379
commit 91bf3e3379
parent 65a540030f
2 changed files with 8 additions and 2 deletions
--- a/app/oauth/templates/oauth/authorize_nonlogin_user.html
+++ b/app/oauth/templates/oauth/authorize_nonlogin_user.html
@ -6,7 +6,13 @@

    <ul class="mt-3">
      {% for scope in client.get_scopes() %}
-        <li>{{ scope.value }}</li>
+        <li>
+        {% if scope == Scope.AVATAR_URL %}
+          avatar
+        {% else %}
+          {{ scope.value }}
+        {% endif %}
+        </li>
      {% endfor %}
    </ul>

--- a/app/oauth/views/authorize.py
+++ b/app/oauth/views/authorize.py
@ -82,7 +82,7 @@ def authorize():
        else:
            # after user logs in, redirect user back to this page
            return render_template(
-                "oauth/authorize_nonlogin_user.html", client=client, next=request.url
+                "oauth/authorize_nonlogin_user.html", client=client, next=request.url, Scope=Scope,
            )
    else:  # user allows or denies
        gen_new_email = request.form.get("gen-email") == "on"