Avoid hitting auth server to check for token

If the user is already logged in, they will have a token. Whether a token is valid or not should be handled elsewhere, not with every single request to gn-uploader, whether or not it requires to access the auth server.
author: Frederick Muriuki Muriithi 2024-08-06 10:29:44 -0500
committer: Frederick Muriuki Muriithi 2024-08-06 10:29:44 -0500
commit: e4cf16ebfc90dd668b203d6841b67dc599926811 (patch)
tree: 80a8c3a16fe2d739f76f5e0daa81f62a948822b2
parent: dcbe218914dcc56229b528d843f820793ce95a5e (diff)
download: gn-uploader-e4cf16ebfc90dd668b203d6841b67dc599926811.tar.gz
1 files changed, 3 insertions, 8 deletions
diff --git a/uploader/authorisation.py b/uploader/authorisation.py
index 71b42fa..efd4dbd 100644
--- a/uploader/authorisation.py
+++ b/uploader/authorisation.py
@@ -17,12 +17,7 @@ def require_login(function):
             flash("You need to be logged in.", "alert-danger")
             return redirect("/")
 
-        def __with_token__(token):
-            resp = oauth2_client().get(
-                urljoin(authserver_uri(), "auth/user/"))
-            userdetails = resp.json()
-            if not userdetails.get("error"):
-                return function(*args, **kwargs)
-            return __clear_session__(token)
-        return session.user_token().either(__clear_session__, __with_token__)
+        return session.user_token().either(
+            __clear_session__,
+            lambda token: function(*args, **kwargs))
     return __is_session_valid__
author	Frederick Muriuki Muriithi	2024-08-06 10:29:44 -0500
committer	Frederick Muriuki Muriithi	2024-08-06 10:29:44 -0500
commit	e4cf16ebfc90dd668b203d6841b67dc599926811 (patch)
tree	80a8c3a16fe2d739f76f5e0daa81f62a948822b2
parent	dcbe218914dcc56229b528d843f820793ce95a5e (diff)
download	gn-uploader-e4cf16ebfc90dd668b203d6841b67dc599926811.tar.gz