From ded63dc932acc4238790beccf41ce5c3fdcaf0f5 Mon Sep 17 00:00:00 2001
From: Eli Ribble
Date: Tue, 17 May 2016 15:10:51 -0600
Subject: [PATCH] Include user URI and session URI in GET /session/

This makes it so that we can log out by doing a DELETE on /session/ by URI.
---
 vanth/api/session.py | 14 ++++++++++----
 vanth/auth.py | 1 +
 2 files changed, 11 insertions(+), 4 deletions(-)

diff --git a/vanth/api/session.py b/vanth/api/session.py
index 1c1247e..e11d5d4 100644
--- a/vanth/api/session.py
+++ b/vanth/api/session.py
@@ -3,6 +3,7 @@ import json
 import flask
 import sepiida.endpoints
 import sepiida.fields
+import sepiida.routing
 import vanth.auth
 import vanth.errors
@@ -14,9 +15,10 @@ class Session(sepiida.endpoints.APIEndpoint):
 ENDPOINT = '/session/'
 SIGNATURE = sepiida.fields.JSONObject(s={
 'name' : sepiida.fields.String(methods=['GET']),
- 'username' : sepiida.fields.String(),
 'password' : sepiida.fields.String(methods=['POST']),
- 'uri' : sepiida.fields.URI('session', methods=['GET'])
+ 'uri' : sepiida.fields.URI('session', methods=['GET']),
+ 'user' : sepiida.fields.URI('user', methods=['GET']),
+ 'username' : sepiida.fields.String(),
 })
 @staticmethod
 def post(payload):
@@ -28,10 +30,14 @@ class Session(sepiida.endpoints.APIEndpoint):
 @staticmethod
 def get(uuid): # pylint: disable=unused-argument
 user = vanth.auth.current_user()
- del user['password']
 if not user:
 raise vanth.errors.ResourceDoesNotExist("You are not currently authenticated and therefore do not have a session")
- return user
+ return {
+ 'name' : user['name'],
+ 'uri' : sepiida.routing.uri('session', flask.session['uuid']),
+ 'user' : user['uri'],
+ 'username' : user['username'],
+ }
 def list(self):
 payload = self.get(None)
diff --git a/vanth/auth.py b/vanth/auth.py
index c43ca3f..09ac394 100644
--- a/vanth/auth.py
+++ b/vanth/auth.py
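Review bot: The `SIGNATURE` in vanth/api/session.py now carries both `uri` and `user`, and nothing in the hunk says which resource each one names. A comment above the two fields would help, for example `# 'uri' is this session (DELETE it to log out); 'user' is the authenticated account`. The field list here and the dict built by hand in `get` have to stay in step, which is worth saying in the same comment. The class body continues outside the hunk.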
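Review bot: `Session.get` in vanth/api/session.py still ignores its `uuid` argument (the pylint suppression stays), so a GET on any session URI is answered with the caller's own session and a `uri` that may differ from the one requested. Since the commit message says this URI is what clients will DELETE to log out, I would reject a mismatch before building the response, e.g. `if uuid is not None and str(uuid) != str(flask.session['uuid']): raise vanth.errors.ResourceDoesNotExist("No such session")`, keeping `None` allowed because `list` calls `self.get(None)`. The DELETE handler is not part of this patch and should apply the same comparison so that a request can only end its own session. Separately, `flask.session['uuid']` is subscripted directly here and the same URI is built again in `require_user` in vanth/auth.py; reading it from one place would keep the two from drifting. The class body starts and ends outside this hunk.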
@@ -45,6 +45,7 @@ def require_user():
 )
 flask.g.current_user = user[0]
+ flask.g.session = sepiida.routing.uri('session', flask.session['uuid'])
 def current_user():
 return getattr(flask.g, 'current_user', None)
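Review bot: The added line in `require_user` references `sepiida.routing`, but this patch adds no import to vanth/auth.py (the diffstat shows a single insertion there), so unless the module already has `import sepiida.routing` outside the hunk the reference either fails with NameError/AttributeError or works only because another module imported the submodule first. Add `import sepiida.routing` at the top of vanth/auth.py if it is missing. The line also subscripts `flask.session['uuid']` directly; if the code above can authenticate a request whose session lacks that key, this becomes a KeyError (a 500) rather than an authentication error, so `flask.session.get('uuid')` with an explicit failure is safer. Nothing visible in the patch reads `flask.g.session`, since `Session.get` rebuilds the URI itself. `require_user` begins outside the hunk.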