authorFrederick Muriuki Muriithi2024-07-17 11:00:40 -0500
committerAlexander_Kabui2024-08-28 15:02:46 +0300
commitb2eaa6a66a3dc205382d06c81bfac4508bd415e7 (patch)
tree8cf2a841d5c6d0872844bbe3d5339c2dfe9f957f
parent97d2f89ac7b992f752d7d782e631edbc8408a120 (diff)
downloadgenenetwork2-b2eaa6a66a3dc205382d06c81bfac4508bd415e7.tar.gz
Remove token and user detail handling from @app.before_request
The token and user details information is handled in the `gn2.wqflask.oauth2.session` module. Other parts of the system should make use of that. It also helps avoid some weird "action-at-a-distance" interactions - this forces the code to request what it needs when it needs it and not rely on some global variables.
-rw-r--r--gn2/wqflask/__init__.py15
-rw-r--r--gn2/wqflask/oauth2/checks.py5
2 files changed, 1 insertions, 19 deletions
diff --git a/gn2/wqflask/__init__.py b/gn2/wqflask/__init__.py
index ce42ce4e..f85454ba 100644
--- a/gn2/wqflask/__init__.py
+++ b/gn2/wqflask/__init__.py
@@ -158,21 +158,6 @@ def before_request():
g.request_start_time = time.time()
g.request_time = lambda: "%.5fs" % (time.time() - g.request_start_time)
- token = session.get("oauth2_token", False)
- if token and not bool(session.get("user_details", False)):
- from gn2.wqflask.oauth2.client import oauth2_client
- config = current_app.config
- resp = oauth2_client().client.get(
- urljoin(config["GN_SERVER_URL"], "oauth2/user"))
- user_details = resp.json()
- session["user_details"] = user_details
-
- if user_details.get("error") == "invalid_token":
- flash(user_details["error_description"], "alert-danger")
- flash("You are now logged out.", "alert-info")
- session.pop("user_details", None)
- session.pop("oauth2_token", None)
-
@app.context_processor
def include_admin_role_class():
return {'AdminRole': AdminRole}
diff --git a/gn2/wqflask/oauth2/checks.py b/gn2/wqflask/oauth2/checks.py
index 7f33348e..b8db6dc2 100644
--- a/gn2/wqflask/oauth2/checks.py
+++ b/gn2/wqflask/oauth2/checks.py
@@ -2,9 +2,8 @@
from functools import wraps
from urllib.parse import urljoin
+from flask import flash, request, redirect
from authlib.integrations.requests_client import OAuth2Session
-from flask import (
- flash, request, redirect, session as flask_session)
from . import session
from .session import clear_session_info
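Review bot: The import block in checks.py still carries both `from . import session` and `from .session import clear_session_info`, while the only call visible in this diff goes through the module, as `session.clear_session_info()`. If no bare `clear_session_info()` call remains elsewhere in the file (not visible here), drop the second import so there is a single way to reach the session-clearing routine. With the `flask_session` alias gone, a short comment such as `# local oauth2 session module, not flask.session` above `from . import session` would keep the two from being confused, which matters because `__clear_session__` in `require_oauth2` now relies on that module alone to clear the token and user details.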
@@ -24,8 +23,6 @@ def require_oauth2(func):
def __clear_session__(_no_token):
session.clear_session_info()
- flask_session.pop("oauth2_token", None)
- flask_session.pop("user_details", None)
flash("You need to be logged in.", "alert-warning")
return redirect("/")