diff options
| author | John Nduli | 2024-08-06 08:36:28 +0300 |
|---|---|---|
| committer | John Nduli | 2024-08-06 08:36:28 +0300 |
| commit | 0dcd203faef748a625a7134b9dcda61baac51b3b (patch) | |
| tree | 47c7099845af7763d1d77e8e65c61201fda97eef | |
| parent | b5d32afe62c4ef64b748bacb973c2cb79d559361 (diff) | |
| download | genenetwork2-0dcd203faef748a625a7134b9dcda61baac51b3b.tar.gz | |
fix: use bearer token to query auth server
| -rw-r--r-- | gn2/wqflask/oauth2/ui.py | 5 | ||||
| -rw-r--r-- | gn2/wqflask/static/new/javascript/auth/search_mrna.js | 5 | ||||
| -rw-r--r-- | gn2/wqflask/templates/oauth2/data-list-mrna.html | 2 |
3 files changed, 11 insertions, 1 deletions
diff --git a/gn2/wqflask/oauth2/ui.py b/gn2/wqflask/oauth2/ui.py index d70a13ec..89739fe3 100644 --- a/gn2/wqflask/oauth2/ui.py +++ b/gn2/wqflask/oauth2/ui.py @@ -1,6 +1,8 @@ """UI utilities""" from flask import session, render_template +from gn2.wqflask.oauth2 import session + from .client import oauth2_get from .client import user_logged_in from .request_utils import process_error @@ -13,7 +15,8 @@ def render_ui(templatepath: str, **kwargs): lambda _err: roles, lambda auth_roles: auth_roles) user_privileges = tuple( privilege["privilege_id"] for role in roles for privilege in role["privileges"]) + user_token = session.user_token().either(lambda _err: "", lambda token: token["access_token"]) kwargs = { - **kwargs, "roles": roles, "user_privileges": user_privileges + **kwargs, "roles": roles, "user_privileges": user_privileges, "bearer_token": user_token } return render_template(templatepath, **kwargs) diff --git a/gn2/wqflask/static/new/javascript/auth/search_mrna.js b/gn2/wqflask/static/new/javascript/auth/search_mrna.js index 76b2dc6b..ed264bb4 100644 --- a/gn2/wqflask/static/new/javascript/auth/search_mrna.js +++ b/gn2/wqflask/static/new/javascript/auth/search_mrna.js @@ -15,12 +15,17 @@ function search_mrna() { selected = JSON.parse(document.getElementById( "tbl-link").getAttribute("data-datasets")); species_name = document.getElementById("txt-species-name").value + bearer_token = document.getElementById("bearer_token").value search_endpoint = "/auth/data/mrna/search" search_table = new TableDataSource( "#tbl-search", "data-datasets", search_checkbox); $.ajax( form.action, { + + "beforeSend": function (xhr) { + xhr.setRequestHeader('Authorization', 'Bearer ' + bearer_token); + }, "method": "POST", "contentType": "application/json; charset=utf-8", "dataType": "json", diff --git a/gn2/wqflask/templates/oauth2/data-list-mrna.html b/gn2/wqflask/templates/oauth2/data-list-mrna.html index 728e95d4..0ee9d27e 100644 --- a/gn2/wqflask/templates/oauth2/data-list-mrna.html +++ b/gn2/wqflask/templates/oauth2/data-list-mrna.html @@ -95,6 +95,8 @@ action="{{search_uri}}" method="POST"> <legend>Search: mRNA Assay</legend> + + <input type="hidden" id="bearer_token" name="bearer_token" value="{{bearer_token}}" /> <input type="hidden" value="{{species_name}}" name="species" id="txt-species-name" /> <input type="hidden" value="{{dataset_type}}" name="dataset_type" |