archive/pillar
0
0
Fork 0
Code Issues 42 Pull Requests Projects Releases Wiki Activity

Store IP-based org-given roles in the user document.

Browse Source 
This is a two-stage approach that happens when a new token is verified
with Blender ID and stored in our local MongoDB:

  - Given the remote IP address of the HTTP request, compute and store the
    org roles in the token document.
  - Recompute the user's roles based on their own roles, regular org roles,
    and the roles stored in non-expired token documents.

This happens once per hour, since that's how long we store tokens in our
database.
This commit is contained in:
Sybren A. Stüvel
2018-01-24 18:19:26 +01:00
parent 270bb21646
commit fd3e795824
7 changed files with 228 additions and 32 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
pillar/auth/__init__.py
View File

@@ -67,6 +67,9 @@ class UserClass(flask_login.UserMixin):
def __repr__(self):
return f'UserClass(user_id={self.user_id})'
def __str__(self):
return f'{self.__class__.__name__}(id={self.user_id}, email={self.email!r}'
def __getitem__(self, item):
"""Compatibility layer with old dict-based g.current_user object."""