Include user URI and session URI in GET /session/

This makes it so that we can log out by doing a DELETE on /session/ by URI.
2016-05-17 15:10:51 -06:00 · 2016-05-17 15:10:51 -06:00 · ded63dc932
parent 1fbe9558bf
commit ded63dc932
2 changed files with 11 additions and 4 deletions
--- a/vanth/api/session.py
+++ b/vanth/api/session.py
@ -3,6 +3,7 @@ import json
 import flask
 import sepiida.endpoints
 import sepiida.fields
+import sepiida.routing

 import vanth.auth
 import vanth.errors
@ -14,9 +15,10 @@ class Session(sepiida.endpoints.APIEndpoint):
    ENDPOINT = '/session/'
    SIGNATURE = sepiida.fields.JSONObject(s={
        'name'      : sepiida.fields.String(methods=['GET']),
-        'username'  : sepiida.fields.String(),
        'password'  : sepiida.fields.String(methods=['POST']),
-        'uri'       : sepiida.fields.URI('session', methods=['GET'])
+        'uri'       : sepiida.fields.URI('session', methods=['GET']),
+        'user'      : sepiida.fields.URI('user', methods=['GET']),
+        'username'  : sepiida.fields.String(),
    })
    @staticmethod
    def post(payload):
@ -28,10 +30,14 @@ class Session(sepiida.endpoints.APIEndpoint):
    @staticmethod
    def get(uuid): # pylint: disable=unused-argument
        user = vanth.auth.current_user()
-        del user['password']
        if not user:
            raise vanth.errors.ResourceDoesNotExist("You are not currently authenticated and therefore do not have a session")
-        return user
+        return {
+            'name'      : user['name'],
+            'uri'       : sepiida.routing.uri('session', flask.session['uuid']),
+            'user'      : user['uri'],
+            'username'  : user['username'],
+        }

    def list(self):
        payload = self.get(None)
--- a/vanth/auth.py
+++ b/vanth/auth.py
@ -45,6 +45,7 @@ def require_user():
        )

    flask.g.current_user = user[0]
+    flask.g.session = sepiida.routing.uri('session', flask.session['uuid'])

 def current_user():
    return getattr(flask.g, 'current_user', None)