Posted to commits@airavata.apache.org by ma...@apache.org on 2021/01/13 22:43:16 UTC

[airavata-django-portal] branch develop updated: Handle adding authz_token to request in login handler

This is an automated email from the ASF dual-hosted git repository.

machristie pushed a commit to branch develop
in repository https://gitbox.apache.org/repos/asf/airavata-django-portal.git


The following commit(s) were added to refs/heads/develop by this push:
     new d2a24e6  Handle adding authz_token to request in login handler
d2a24e6 is described below

commit d2a24e6a1e5188d97e2a06133f420d910347766b
Author: Marcus Christie <ma...@apache.org>
AuthorDate: Wed Jan 13 15:58:32 2021 -0500

    Handle adding authz_token to request in login handler
    
    Middleware normally adds request.authz_token, but runs before login.
    Adding request.authz_token here for code that runs after login that needs the authz_token
    (for example, user_logged_in signal receivers)
---
 django_airavata/apps/auth/utils.py | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/django_airavata/apps/auth/utils.py b/django_airavata/apps/auth/utils.py
index afd9ff8..249c911 100644
--- a/django_airavata/apps/auth/utils.py
+++ b/django_airavata/apps/auth/utils.py
@@ -18,7 +18,7 @@ def get_authz_token(request, user=None, access_token=None):
     """Construct AuthzToken instance from session; refresh token if needed."""
     if access_token is not None:
         return _create_authz_token(request, user=user, access_token=access_token)
-    elif not is_access_token_expired(request):
+    elif not is_access_token_expired(request, user=user):
         return _create_authz_token(request, user=user, access_token=access_token)
     elif not is_refresh_token_expired(request):
         # Have backend reauthenticate the user with the refresh token
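Review bot: Only the access-token check receives the explicit user; the `elif not is_refresh_token_expired(request):` branch just below still takes the request alone. That function's body is not visible here, but if it also reads `request.user.is_authenticated`, a call from the login handler (where `request.user` may still be the anonymous user) would judge the refresh token against a different principal than the access-token branch did. Consider giving it the same optional parameter and calling `is_refresh_token_expired(request, user=user)` so that both branches evaluate the same user. The body of get_authz_token continues past the end of this hunk.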
@@ -70,15 +70,16 @@ def _get_access_token(request):
         return request.session['ACCESS_TOKEN']
 
 
-def is_access_token_expired(request):
+def is_access_token_expired(request, user=None):
     """Return True if access_token is not available or is expired."""
     # If access token not stored in session, then token expiration/refreshing
     # isn't supported. When token is provided by REST API client it is expected
     # that the client will manage the token lifetime.
+    user = user if user is not None else request.user
     if 'ACCESS_TOKEN' not in request.session:
         return False
     now = time.time()
-    return not request.user.is_authenticated \
+    return not user.is_authenticated \
         or 'ACCESS_TOKEN' not in request.session \
         or 'ACCESS_TOKEN_EXPIRES_AT' not in request.session \
         or request.session['ACCESS_TOKEN_EXPIRES_AT'] < now
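Review bot: The early `if 'ACCESS_TOKEN' not in request.session: return False` runs before the `user.is_authenticated` test, so the docstring's "Return True if access_token is not available" contradicts the code, and the `or 'ACCESS_TOKEN' not in request.session` clause in the final return is unreachable. I would reword the docstring to `"""Return True if the session's access token has expired or the user is not authenticated; return False when no token is stored in the session."""` and drop the dead clause. The new `user` argument also separates the authentication check from the session that holds the token, and nothing here verifies that the two belong to the same account. A comment such as `# user must be the account the session tokens were issued to; defaults to request.user` would state that contract for future callers.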