eliribble
/
vanth
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Make the GET /session/ endpoint work with auth 

If we don't reorder this logic then we'll never set up the user's
information so that GET /session/ has the data it needs to show the
session information.
This commit is contained in:
Eli Ribble 2016-05-17 15:12:17 -06:00
parent ded63dc932
commit aa1664eea0
1 changed files with 2 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
vanth/auth.py
View File

@ -6,6 +6,7 @@ import sepiida.routing
import vanth.platform.user import vanth.platform.user
PUBLIC_ENDPOINTS = [ PUBLIC_ENDPOINTS = [
'session.get',
'session.post', 'session.post',
'about.get', 'about.get',
] ]
@ -25,9 +26,6 @@ def require_user():
if not endpoint(): if not endpoint():
return flask.make_response('Resource not found', 404) return flask.make_response('Resource not found', 404)
if endpoint() in PUBLIC_ENDPOINTS:
return
if 'user_uri' not in flask.session: if 'user_uri' not in flask.session:
raise vanth.errors.AuthenticationException( raise vanth.errors.AuthenticationException(
status_code = 403, status_code = 403,
@ -37,7 +35,7 @@ def require_user():
_, params = sepiida.routing.extract_parameters(flask.current_app, 'GET', flask.session['user_uri']) _, params = sepiida.routing.extract_parameters(flask.current_app, 'GET', flask.session['user_uri'])
user = vanth.platform.user.by_filter({'uuid': [str(params['uuid'])]}) user = vanth.platform.user.by_filter({'uuid': [str(params['uuid'])]})
if not user: if not user and endpoint() not in PUBLIC_ENDPOINTS:
raise vanth.errors.AuthenticationException( raise vanth.errors.AuthenticationException(
status_code = 403, status_code = 403,
error_code = 'invalid-user', error_code = 'invalid-user',