Fixed issues logging in.

The API call to /api/bcloud/update-subscription is now performed via the SDK, to ensure proper authentication. Also streamlined some other code.
2017-05-05 10:29:16 +02:00 · 2017-05-05 10:29:16 +02:00 · 379d40837b
commit 379d40837b
parent 10a40ddabd
3 changed files with 17 additions and 9 deletions
--- a/pillar/api/blender_cloud/subscription.py
+++ b/pillar/api/blender_cloud/subscription.py
@ -102,12 +102,12 @@ def update_subscription():

    if grant_subscriber != is_subscriber:
        action = 'grant' if grant_subscriber else 'revoke'
-        log.info('%sing subscriber role to user %s', action, user_id)
+        log.info('%sing subscriber role to user %s (Blender ID email %s)', action, user_id, email)
        service.do_badger(action, 'subscriber', user_id=user_id)

    if grant_demo != is_demo:
        action = 'grant' if grant_demo else 'revoke'
-        log.info('%sing demo role to user %s', action, user_id)
+        log.info('%sing demo role to user %s (Blender ID email %s)', action, user_id, email)
        service.do_badger(action, 'demo', user_id=user_id)

    return '', 204
--- a/pillar/auth/init.py
+++ b/pillar/auth/init.py
@ -87,7 +87,17 @@ def login_user(oauth_token):

 def get_blender_id_oauth_token():
    """Returns a tuple (token, ''), for use with flask_oauthlib."""
-    return session.get('blender_id_oauth_token')
+
+    from flask import request
+
+    token = session.get('blender_id_oauth_token')
+    if token:
+        return token
+
+    if request.authorization:
+        return request.authorization.username, ''
+
+    return None


 def config_oauth_login(app):
--- a/pillar/web/users/routes.py
+++ b/pillar/web/users/routes.py
@ -44,11 +44,11 @@ def login():

@blueprint.route('/oauth/blender-id/authorized')
 def blender_id_authorized():
-    from pillar.api.blender_cloud import subscription
-
    check_oauth_provider(current_app.oauth_blender_id)
    try:
        oauth_resp = current_app.oauth_blender_id.authorized_response()
+        if isinstance(oauth_resp, OAuthException):
+            raise oauth_resp
    except OAuthException as ex:
        log.warning('Error parsing BlenderID OAuth response. data=%s; message=%s',
                    ex.data, ex.message)
@ -60,9 +60,6 @@ def blender_id_authorized():
        log.warning('Access denied to user because oauth_resp=None: %s', msg)
        return wz_exceptions.Forbidden(msg)

-    if isinstance(oauth_resp, OAuthException):
-        return 'Access denied: %s' % oauth_resp.message
-
    session['blender_id_oauth_token'] = (oauth_resp['access_token'], '')

    pillar.auth.login_user(oauth_resp['access_token'])
@ -70,7 +67,8 @@ def blender_id_authorized():
    if current_user is not None:
        # Check with the store for user roles. If the user has an active
        # subscription, we apply the 'subscriber' role
-        subscription.update_subscription()
+        api = system_util.pillar_api(token=oauth_resp['access_token'])
+        api.get('bcloud/update-subscription')

    next_after_login = session.get('next_after_login')
    if next_after_login: