mirror of
https://github.com/simple-login/app.git
synced 2024-11-13 07:31:12 +01:00
de31e6d072
* Allow to set sudo mode for api requests * Rebase migration on top of master * PR comments * Added missing migration * Removed unused import * Apply suggestions from code review Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
27 lines
692 B
Python
27 lines
692 B
Python
from flask import jsonify, g, request
|
|
from sqlalchemy_utils.types.arrow import arrow
|
|
|
|
from app.api.base import api_bp, require_api_auth
|
|
from app.db import Session
|
|
|
|
|
|
@api_bp.route("/sudo", methods=["PATCH"])
|
|
@require_api_auth
|
|
def enter_sudo():
|
|
"""
|
|
Enter sudo mode
|
|
|
|
Input
|
|
- password: user password to validate request to enter sudo mode
|
|
"""
|
|
user = g.user
|
|
data = request.get_json() or {}
|
|
if "password" not in data:
|
|
return jsonify(error="Invalid request"), 403
|
|
if not user.check_password(data["password"]):
|
|
return jsonify(error="Invalid request"), 403
|
|
|
|
g.api_key.sudo_mode_at = arrow.now()
|
|
Session.commit()
|
|
|
|
return jsonify(ok=True)
|