From 53ad9edda5c825a24bc91efe9d8b4d7bcc180e37 Mon Sep 17 00:00:00 2001
From: Frederick Muriuki Muriithi
Date: Wed, 17 Jul 2024 11:00:40 -0500
Subject: Remove token and user detail handling from @app.before_request

The token and user details information is handled in the
`gn2.wqflask.oauth2.session`. Other parts of the system should make
use of that.

It also helps avoid some weird "action-at-a-distance" interactions -
this forces the code to request what it needs when it needs it and not
rely on some global variables.
---
 gn2/wqflask/__init__.py      | 15 ---------------
 gn2/wqflask/oauth2/checks.py |  5 +----
 2 files changed, 1 insertion(+), 19 deletions(-)

(limited to 'gn2/wqflask')

diff --git a/gn2/wqflask/__init__.py b/gn2/wqflask/__init__.py
index ce42ce4e..f85454ba 100644
--- a/gn2/wqflask/__init__.py
+++ b/gn2/wqflask/__init__.py
@@ -158,21 +158,6 @@ def before_request():
     g.request_start_time = time.time()
     g.request_time = lambda: "%.5fs" % (time.time() - g.request_start_time)
 
-    token = session.get("oauth2_token", False)
-    if token and not bool(session.get("user_details", False)):
-        from gn2.wqflask.oauth2.client import oauth2_client
-        config = current_app.config
-        resp = oauth2_client().client.get(
-            urljoin(config["GN_SERVER_URL"], "oauth2/user"))
-        user_details = resp.json()
-        session["user_details"] = user_details
-
-        if user_details.get("error") == "invalid_token":
-            flash(user_details["error_description"], "alert-danger")
-            flash("You are now logged out.", "alert-info")
-            session.pop("user_details", None)
-            session.pop("oauth2_token", None)
-
 @app.context_processor
 def include_admin_role_class():
     return {'AdminRole': AdminRole}
diff --git a/gn2/wqflask/oauth2/checks.py b/gn2/wqflask/oauth2/checks.py
index 7f33348e..b8db6dc2 100644
--- a/gn2/wqflask/oauth2/checks.py
+++ b/gn2/wqflask/oauth2/checks.py
@@ -2,9 +2,8 @@
 from functools import wraps
 from urllib.parse import urljoin
 
+from flask import flash, request, redirect
 from authlib.integrations.requests_client import OAuth2Session
-from flask import (
-    flash, request, redirect, session as flask_session)
 
 from . import session
 from .session import clear_session_info
@@ -24,8 +23,6 @@ def require_oauth2(func):
 
         def __clear_session__(_no_token):
             session.clear_session_info()
-            flask_session.pop("oauth2_token", None)
-            flask_session.pop("user_details", None)
             flash("You need to be logged in.", "alert-warning")
             return redirect("/")
 
-- 
cgit v1.2.3