From 53ad9edda5c825a24bc91efe9d8b4d7bcc180e37 Mon Sep 17 00:00:00 2001
From: Frederick Muriuki Muriithi
Date: Wed, 17 Jul 2024 11:00:40 -0500
Subject: Remove token and user detail handling from @app.before_request

The token and user details information is handled in the
`gn2.wqflask.oauth2.session`. Other parts of the system should make
use of that.

It also helps avoid some weird "action-at-a-distance" interactions -
this forces the code to request what it needs when it needs it and not
rely on some global variables.
---
 gn2/wqflask/oauth2/checks.py | 5 +----
 1 file changed, 1 insertion(+), 4 deletions(-)

(limited to 'gn2/wqflask/oauth2')

diff --git a/gn2/wqflask/oauth2/checks.py b/gn2/wqflask/oauth2/checks.py
index 7f33348e..b8db6dc2 100644
--- a/gn2/wqflask/oauth2/checks.py
+++ b/gn2/wqflask/oauth2/checks.py
@@ -2,9 +2,8 @@
 from functools import wraps
 from urllib.parse import urljoin
 
+from flask import flash, request, redirect
 from authlib.integrations.requests_client import OAuth2Session
-from flask import (
-    flash, request, redirect, session as flask_session)
 
 from . import session
 from .session import clear_session_info
@@ -24,8 +23,6 @@ def require_oauth2(func):
 
         def __clear_session__(_no_token):
             session.clear_session_info()
-            flask_session.pop("oauth2_token", None)
-            flask_session.pop("user_details", None)
             flash("You need to be logged in.", "alert-warning")
             return redirect("/")
 
-- 
cgit v1.2.3