archive/pillar
0
0
Fork 0
Code Issues 42 Pull Requests Packages Projects Releases Wiki Activity

Compare commits

merge into: archive:cryptography-rust-fix
Branches Tags
archive:master archive:production archive:cryptography-rust-fix archive:dillo archive:wip-comments-confidence-sorting archive:wip-refactor-node-hooks archive:wip-tags-view-progress archive:tmp-video-endcard archive:wip-redesign archive:wip-frontend-design archive:wip-open-project-landing archive:wip-sybren-notifications
archive:last-py27 archive:last-before-fusion
...
pull from: archive:production
Branches Tags
archive:master archive:production archive:cryptography-rust-fix archive:dillo archive:wip-comments-confidence-sorting archive:wip-refactor-node-hooks archive:wip-tags-view-progress archive:tmp-video-endcard archive:wip-redesign archive:wip-frontend-design archive:wip-open-project-landing archive:wip-sybren-notifications
archive:last-py27 archive:last-before-fusion

4 Commits
cryptograp ... production

Author SHA1 Message Date
Anna Sirota
8f3a03d311 Log exception on each ResourceInvalid to make debugging easier 2021-04-26 17:40:03 +02:00
Anna Sirota
d9d3b73070 Don't validate tokens for each static asset URL 2021-03-19 10:28:28 +01:00
Anna Sirota
2bce52e189 Pin poetry deps to work around cryptography requiring Rust issue 2021-03-18 18:49:10 +01:00
Sybren A. Stüvel
9f76657603 Remove debug-log when auth token cannot be found 2021-02-16 13:55:28 +01:00
3 changed files with 8 additions and 5 deletions
Expand all files Collapse all files

2
pillar/__init__.py
View File

@@ -663,7 +663,7 @@ class PillarServer(BlinkerCompatibleEve):
return self.pillar_error_handler(error)
def handle_sdk_resource_invalid(self, error):
self.log.info('Forwarding ResourceInvalid exception to client: %s', error, exc_info=True)
self.log.exception('Forwarding ResourceInvalid exception to client: %s', error, exc_info=True)
# Raising a Werkzeug 422 exception doens't work, as Flask turns it into a 500.
return _('The submitted data could not be validated.'), 422

8
pillar/api/utils/authentication.py
View File

@@ -60,7 +60,7 @@ def find_user_in_db(user_info: dict, provider='blender-id') -> dict:
email address.
Does NOT update the user in the database.
:param user_info: Information (id, email and full_name) from the auth provider
:param provider: One of the supported providers
"""
@@ -169,8 +169,6 @@ def validate_this_token(token, oauth_subclient=None):
# Check the users to see if there is one with this Blender ID token.
db_token = find_token(token, oauth_subclient)
if not db_token:
log.debug('Token %r not found in our local database.', token)
# If no valid token is found in our local database, we issue a new
# request to the Blender ID server to verify the validity of the token
# passed via the HTTP header. We will get basic user info if the user
@@ -377,6 +375,10 @@ def current_user():
def setup_app(app):
@app.before_request
def validate_token_at_each_request():
# Skip token validation if this is a static asset
# to avoid spamming Blender ID for no good reason
if request.path.startswith('/static/'):
return
validate_token()

3
pyproject.toml
View File

@@ -22,6 +22,7 @@ bcrypt = "~3"
blinker = "~1.4"
bleach = "~3.1"
celery = {version = "~4.3",extras = ["redis"]}
cryptography = "2.7"
commonmark = "~0.9"
# These must match the version of ElasticSearch used:
@@ -59,5 +60,5 @@ pillar-devdeps = {path = "./devdeps"}
[build-system]
requires = ["poetry>=0.12"]
requires = ["poetry==1.0","cryptography==2.7","setuptools==51.0.0","wheel==0.35.1"]
build-backend = "poetry.masonry.api"