Posted to commits@airavata.apache.org by ma...@apache.org on 2021/01/13 22:43:16 UTC
[airavata-django-portal] branch develop updated: Handle adding
authz_token to request in login handler
This is an automated email from the ASF dual-hosted git repository.
machristie pushed a commit to branch develop
in repository https://gitbox.apache.org/repos/asf/airavata-django-portal.git
The following commit(s) were added to refs/heads/develop by this push:
new d2a24e6 Handle adding authz_token to request in login handler
d2a24e6 is described below
commit d2a24e6a1e5188d97e2a06133f420d910347766b
Author: Marcus Christie <ma...@apache.org>
AuthorDate: Wed Jan 13 15:58:32 2021 -0500
Handle adding authz_token to request in login handler
Middleware normally adds request.authz_token, but runs before login.
Adding request.authz_token here for code that runs after login that needs the authz_token
(for example, user_logged_in signal receivers)
---
django_airavata/apps/auth/utils.py | 7 ++++---
1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/django_airavata/apps/auth/utils.py b/django_airavata/apps/auth/utils.py
index afd9ff8..249c911 100644
--- a/django_airavata/apps/auth/utils.py
+++ b/django_airavata/apps/auth/utils.py
@@ -18,7 +18,7 @@ def get_authz_token(request, user=None, access_token=None):
"""Construct AuthzToken instance from session; refresh token if needed."""
if access_token is not None:
return _create_authz_token(request, user=user, access_token=access_token)
- elif not is_access_token_expired(request):
+ elif not is_access_token_expired(request, user=user):
return _create_authz_token(request, user=user, access_token=access_token)
elif not is_refresh_token_expired(request):
# Have backend reauthenticate the user with the refresh token
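Review bot: The refresh branch directly below the changed `elif` still calls `is_refresh_token_expired(request)` without the new `user` argument, so only the access-token check honours the caller-supplied user. Neither that helper nor the re-authentication code after it is visible in this hunk, but if either consults `request.user`, a call made during login would evaluate the pre-login user there. It is worth confirming, and if so threading `user=user` through in the same way. get_authz_token continues past the end of the hunk.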
@@ -70,15 +70,16 @@ def _get_access_token(request):
return request.session['ACCESS_TOKEN']
-def is_access_token_expired(request):
+def is_access_token_expired(request, user=None):
"""Return True if access_token is not available or is expired."""
# If access token not stored in session, then token expiration/refreshing
# isn't supported. When token is provided by REST API client it is expected
# that the client will manage the token lifetime.
+ user = user if user is not None else request.user
if 'ACCESS_TOKEN' not in request.session:
return False
now = time.time()
- return not request.user.is_authenticated \
+ return not user.is_authenticated \
or 'ACCESS_TOKEN' not in request.session \
or 'ACCESS_TOKEN_EXPIRES_AT' not in request.session \
or request.session['ACCESS_TOKEN_EXPIRES_AT'] < now
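Review bot: The docstring of is_access_token_expired does not match its behaviour: it promises True when the access token is not available, yet the early `return False` reports a session without ACCESS_TOKEN as not expired, and the new `user` parameter is undocumented. Because get_authz_token uses this result to decide whether a token can be reused, I would state the contract explicitly, e.g. `"""Return True if the session's access token is expired or user is not authenticated; return False if no access token is stored in the session. user defaults to request.user."""`. The clause `or 'ACCESS_TOKEN' not in request.session` in the final return can never be true after that early return and could be dropped. The new `user = ...` line could also move below the session check, so that `request.user` is read only on the path that uses it.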