Rolled back some flask_login and g.current_user integration

Setting flask_login.current_user ourselves was a bad idea, and it messed up
flask_login's internal bookkeeping. Our code now just manages
g.current_user in these specific instances, which works fine.
2017-08-30 12:39:46 +02:00
parent 6825b8bf74
commit 62542f0329
2 changed files with 5 additions and 19 deletions


@@ -113,7 +113,7 @@ def validate_token():
@returns True iff the user is logged in with a valid Blender ID token. @returns True iff the user is logged in with a valid Blender ID token.
""" """
from pillar.auth import force_logout_user from pillar.auth import AnonymousUser
if request.authorization: if request.authorization:
token = request.authorization.username token = request.authorization.username
@@ -131,7 +131,7 @@ def validate_token():
# If no authorization headers are provided, we are getting a request # If no authorization headers are provided, we are getting a request
# from a non logged in user. Proceed accordingly. # from a non logged in user. Proceed accordingly.
log.debug('No authentication headers, so not logged in.') log.debug('No authentication headers, so not logged in.')
force_logout_user() g.current_user = AnonymousUser()
return False return False
return validate_this_token(token, oauth_subclient) is not None return validate_this_token(token, oauth_subclient) is not None
@@ -144,9 +144,9 @@ def validate_this_token(token, oauth_subclient=None):
:rtype: dict :rtype: dict
""" """
from pillar.auth import UserClass, force_logout_user from pillar.auth import UserClass, AnonymousUser
force_logout_user() g.current_user = None
_delete_expired_tokens() _delete_expired_tokens()
# Check the users to see if there is one with this Blender ID token. # Check the users to see if there is one with this Blender ID token.
@@ -168,6 +168,7 @@ def validate_this_token(token, oauth_subclient=None):
if db_user is None: if db_user is None:
log.debug('Validation failed, user not logged in') log.debug('Validation failed, user not logged in')
g.current_user = AnonymousUser()
return None return None
g.current_user = UserClass.construct(token, db_user) g.current_user = UserClass.construct(token, db_user)
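Review bot: In validate_this_token the reset at the top of the function is now `g.current_user = None`, while both unauthenticated exits (the `db_user is None` branch here and the no-header branch in validate_token) set `g.current_user = AnonymousUser()`. If `_delete_expired_tokens()` or the user lookup raises before those later assignments, the request keeps `None` as its current user, so an error handler or later hook that calls a method on `g.current_user` would presumably hit an AttributeError instead of seeing an anonymous user. Resetting with `g.current_user = AnonymousUser()` keeps the type uniform and fails closed, and AnonymousUser is already imported in that function. It is also worth a comment at the reset that flask_login.current_user is no longer touched on these paths, so authorization checks should read g.current_user only; whether any caller still consults flask_login's proxy is not visible in this section. Both function bodies start and end outside the hunks shown.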


@@ -207,21 +207,6 @@ def login_user(oauth_token: str, *, load_from_db=False):
g.current_user = user g.current_user = user
def force_logout_user():
"""Resets the current user to an AnonymousUser instance."""
from flask import g
# Force the current user to be the anonymous user. Calling
# flask_login.logout_user() here would cause infinite recursion, because
# that calls _load_user(), which in turn tries to validate the current
# token, which in turn starts by calling force_logout_user() just to be
# safe.
anon_user = AnonymousUser()
flask_login.current_user = anon_user
g.current_user = anon_user
def get_blender_id_oauth_token(): def get_blender_id_oauth_token():
"""Returns a tuple (token, ''), for use with flask_oauthlib.""" """Returns a tuple (token, ''), for use with flask_oauthlib."""