diff options
author | Frederick Muriuki Muriithi | 2024-08-06 10:29:44 -0500 |
---|---|---|
committer | Frederick Muriuki Muriithi | 2024-08-06 10:29:44 -0500 |
commit | e4cf16ebfc90dd668b203d6841b67dc599926811 (patch) | |
tree | 80a8c3a16fe2d739f76f5e0daa81f62a948822b2 /uploader/authorisation.py | |
parent | dcbe218914dcc56229b528d843f820793ce95a5e (diff) | |
download | gn-uploader-e4cf16ebfc90dd668b203d6841b67dc599926811.tar.gz |
Avoid hitting auth server to check for token
If the user is already logged in, they will have a token. Whether a
token is valid or not should be handled elsewhere, not with every
single request to gn-uploader, whether or not it requires to access
the auth server.
Diffstat (limited to 'uploader/authorisation.py')
-rw-r--r-- | uploader/authorisation.py | 11 |
1 files changed, 3 insertions, 8 deletions
diff --git a/uploader/authorisation.py b/uploader/authorisation.py index 71b42fa..efd4dbd 100644 --- a/uploader/authorisation.py +++ b/uploader/authorisation.py @@ -17,12 +17,7 @@ def require_login(function): flash("You need to be logged in.", "alert-danger") return redirect("/") - def __with_token__(token): - resp = oauth2_client().get( - urljoin(authserver_uri(), "auth/user/")) - userdetails = resp.json() - if not userdetails.get("error"): - return function(*args, **kwargs) - return __clear_session__(token) - return session.user_token().either(__clear_session__, __with_token__) + return session.user_token().either( + __clear_session__, + lambda token: function(*args, **kwargs)) return __is_session_valid__ |