aboutsummaryrefslogtreecommitdiff
path: root/uploader/authorisation.py
diff options
context:
space:
mode:
authorFrederick Muriuki Muriithi2024-08-06 10:29:44 -0500
committerFrederick Muriuki Muriithi2024-08-06 10:29:44 -0500
commite4cf16ebfc90dd668b203d6841b67dc599926811 (patch)
tree80a8c3a16fe2d739f76f5e0daa81f62a948822b2 /uploader/authorisation.py
parentdcbe218914dcc56229b528d843f820793ce95a5e (diff)
downloadgn-uploader-e4cf16ebfc90dd668b203d6841b67dc599926811.tar.gz
Avoid hitting auth server to check for token
If the user is already logged in, they will have a token. Whether a token is valid or not should be handled elsewhere, not with every single request to gn-uploader, whether or not it requires to access the auth server.
Diffstat (limited to 'uploader/authorisation.py')
-rw-r--r--uploader/authorisation.py11
1 files changed, 3 insertions, 8 deletions
diff --git a/uploader/authorisation.py b/uploader/authorisation.py
index 71b42fa..efd4dbd 100644
--- a/uploader/authorisation.py
+++ b/uploader/authorisation.py
@@ -17,12 +17,7 @@ def require_login(function):
flash("You need to be logged in.", "alert-danger")
return redirect("/")
- def __with_token__(token):
- resp = oauth2_client().get(
- urljoin(authserver_uri(), "auth/user/"))
- userdetails = resp.json()
- if not userdetails.get("error"):
- return function(*args, **kwargs)
- return __clear_session__(token)
- return session.user_token().either(__clear_session__, __with_token__)
+ return session.user_token().either(
+ __clear_session__,
+ lambda token: function(*args, **kwargs))
return __is_session_valid__