diff options
Diffstat (limited to 'gn3/auth/authorisation/users/admin/ui.py')
| -rw-r--r-- | gn3/auth/authorisation/users/admin/ui.py | 24 |
1 files changed, 4 insertions, 20 deletions
diff --git a/gn3/auth/authorisation/users/admin/ui.py b/gn3/auth/authorisation/users/admin/ui.py index 7357136..242c7a6 100644 --- a/gn3/auth/authorisation/users/admin/ui.py +++ b/gn3/auth/authorisation/users/admin/ui.py @@ -1,28 +1,12 @@ """UI utilities for the auth system.""" from functools import wraps -from datetime import datetime, timezone -from flask import flash, session, request, url_for, redirect +from flask import flash, url_for, redirect from gn3.auth.authentication.users import User from gn3.auth.db_utils import with_db_connection from gn3.auth.authorisation.roles.models import user_roles -SESSION_KEY = "session_details" - -def __session_expired__(): - """Check whether the session has expired.""" - return datetime.now(tz=timezone.utc) >= session[SESSION_KEY]["expires"] - -def logged_in(func): - """Verify the user is logged in.""" - @wraps(func) - def __logged_in__(*args, **kwargs): - if bool(session.get(SESSION_KEY)) and not __session_expired__(): - return func(*args, **kwargs) - flash("You need to be logged in to access that page.", "alert-danger") - return redirect(url_for( - "oauth2.admin.login", next=request.url_rule.endpoint)) - return __logged_in__ +from gn3.session import logged_in, session_user, clear_session_info def is_admin(func): """Verify user is a system admin.""" @@ -32,12 +16,12 @@ def is_admin(func): admin_roles = [ role for role in with_db_connection( lambda conn: user_roles( - conn, User(**session[SESSION_KEY]["user"]))) + conn, User(**session_user()))) if role.role_name == "system-administrator"] if len(admin_roles) > 0: return func(*args, **kwargs) flash("Expected a system administrator.", "alert-danger") flash("You have been logged out of the system.", "alert-info") - session.pop(SESSION_KEY) + clear_session_info() return redirect(url_for("oauth2.admin.login")) return __admin__ |