diff --git a/applications/templates/applications/application/detail.html b/applications/templates/applications/application/detail.html index cdeb12b3c087f3c5f279c11293ddb22e935c3093..36f7b5f49f0826184fb829272fdd3e96b3740ee6 100644 --- a/applications/templates/applications/application/detail.html +++ b/applications/templates/applications/application/detail.html @@ -1,6 +1,10 @@ {% extends "base.html" %} {% load bootstrap4 %} +{% block extra_head %} + <script src="https://cdn.jsdelivr.net/npm/js-cookie@2.2.0/src/js.cookie.min.js"></script> +{% endblock %} + {% block content %} <nav aria-label="breadcrumb"> <ol class="breadcrumb"> @@ -64,8 +68,27 @@ <td> <span id="spanApiToken"> {% if application.proxy_user.auth_token %} + <script type="application/javascript"> + function revokeToken() { + $.ajax({ + dataType: "json", + url: "{% url 'applications:token' pk=application.pk %}", + method: "DELETE", + headers: { + "X-CSRFToken": Cookies.get("csrftoken") + }, + data: null, + success: function (data) { + $('#spanApiToken').text(""); + } + }); + } + </script> + {{ application.proxy_user.auth_token }} + <button onclick="revokeToken();" class="btn btn-danger" role="button">Revoke API Token</button> + {% else %} <script type="application/javascript"> function getToken() { diff --git a/applications/urls.py b/applications/urls.py index ae74341444ed0fe0599bced8c8622946e25c3bb7..0d4ad197c7f21809e3075700d3e444e7510daac9 100644 --- a/applications/urls.py +++ b/applications/urls.py @@ -29,6 +29,10 @@ urlpatterns = [ views.ApplicationGetTokenView.as_view(), name='token'), + path('<int:pk>/token', + views.ApplicationGetTokenView.as_view(), + name='token'), + path('<int:pk>/manage-access', views.ApplicationManageAccessView.as_view(), name='application.manage-access'), diff --git a/applications/views.py b/applications/views.py index 82565962e6a28573605c547ee5bdbbcaf3515d44..e9c6a019c43ac33c2315ee26c3e39908e7b25d5b 100644 --- a/applications/views.py +++ b/applications/views.py 
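Review bot: The `<script>` tag added in `extra_head` of detail.html loads js-cookie from cdn.jsdelivr.net without Subresource Integrity, on the same page that renders the application's API token. The version is pinned, but without an `integrity` attribute a modified or compromised CDN response would run with access to that token and to the CSRF cookie. I would either vendor the file into the project's static files or add `integrity="sha384-<digest of the reviewed file>" crossorigin="anonymous"` to the tag, with the digest computed from the copy that was reviewed.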
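Review bot: `revokeToken()` in detail.html has no `error` callback, so a DELETE rejected by the CSRF or ownership check fails silently and the token stays on screen with no hint that it is still valid. Add a handler next to `success`, for example `error: function () { alert("The API token could not be revoked."); }`. Separately, `Cookies.get("csrftoken")` only works while the CSRF cookie is readable by script; if the project sets `CSRF_COOKIE_HTTPONLY` or `CSRF_USE_SESSIONS` the header would be empty, which cannot be checked from this hunk. The `{% if %}`/`{% else %}` block continues past the end of the hunk.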
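Review bot: The `path('<int:pk>/token', ...)` entry added to urls.py repeats the view and the `name='token'` of the entry directly above it, whose own `path(` line is outside the hunk. If that existing entry already uses the same pattern, the new one is never reached: Django dispatches to the first matching pattern, and the class-based view already routes DELETE to `delete()` on the existing route. I would drop the added entry, or give it a distinct pattern and name if a separate route is really intended.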
@@ -98,7 +98,7 @@ class ApplicationGetTokenView(OwnerPermissionMixin, DetailView):
 def render_to_response(self, context, **response_kwargs):
 """
- Get an existing API Token or create a new one for the currently authenticated user.
+ Get an existing API Token or create a new one for the requested :class:`Application`.
 :return: JSON containing Token key
 """
@@ -112,3 +112,19 @@ class ApplicationGetTokenView(OwnerPermissionMixin, DetailView):
 }
 }
 })
+
+ def delete(self, request, *args, **kwargs):
+ """
+ Revoke an API Token for the requested :class:`Application`.
+
+ :return: JSON containing Token key
+ """
+ self.object = self.get_object()
+ self.object.proxy_user.revoke_auth_token()
+
+ return JsonResponse({
+ 'status': 'success',
+ 'data': {
+ 'token': None,
+ }
+ })
diff --git a/pedasi/common/__init__.py b/pedasi/common/__init__.py
deleted file mode 100644
index e69de29bb2d1d6434b8b29ae775ad8c2e48c5391..0000000000000000000000000000000000000000
diff --git a/profiles/models.py b/profiles/models.py
index 1ef55900baa1e8ce943b830059f4d71c76841dc7..738fa71aaca9294d9327cb4476253935c4d89972 100644
--- a/profiles/models.py
+++ b/profiles/models.py
@@ -28,3 +28,10 @@ class User(AbstractUser):
 """
 token, created = Token.objects.get_or_create(user=self)
 return token
+
+ def revoke_auth_token(self):
+ """
+ Revoke and API auth token for this user.
+ """
+ self.auth_token.delete()
+
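Review bot: The new `delete()` on `ApplicationGetTokenView` in views.py relies entirely on `OwnerPermissionMixin` for access control, and that mixin is defined outside this diff. If the mixin checks ownership in `dispatch()` it covers DELETE as well; if it only hooks the GET path, revocation would not be restricted to the owner, so a test that a non-owner's DELETE is refused belongs with this change. The docstring's `:return: JSON containing Token key` was carried over from the getter; `:return: JSON with 'token' set to None` matches what the method actually returns.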
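Review bot: `revoke_auth_token()` in profiles/models.py will raise when the user has no token, because `self.auth_token` is a reverse one-to-one lookup (assuming `Token` is Django REST framework's authtoken model, which is not shown here). A repeated DELETE, or two concurrent ones, would then surface as a 500 from `ApplicationGetTokenView.delete()` in views.py, which does not catch it. `Token.objects.filter(user=self).delete()` is idempotent and uses the same `Token` manager as the context lines above. The docstring should read `Revoke an API auth token for this user.`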