You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@airavata.apache.org by ma...@apache.org on 2023/02/21 22:59:58 UTC
[airavata-django-portal] branch develop updated: AIRAVATA-3682 Fix token based auth
This is an automated email from the ASF dual-hosted git repository.
machristie pushed a commit to branch develop
in repository https://gitbox.apache.org/repos/asf/airavata-django-portal.git
The following commit(s) were added to refs/heads/develop by this push:
new a5d6cd17 AIRAVATA-3682 Fix token based auth
a5d6cd17 is described below
commit a5d6cd17618b90d201304cfeab50a256a808d57d
Author: Marcus Christie <ma...@apache.org>
AuthorDate: Tue Feb 21 17:59:45 2023 -0500
AIRAVATA-3682 Fix token based auth
---
django_airavata/apps/api/authentication.py | 3 +++
django_airavata/apps/auth/middleware.py | 3 ++-
2 files changed, 5 insertions(+), 1 deletion(-)
diff --git a/django_airavata/apps/api/authentication.py b/django_airavata/apps/api/authentication.py
index 226b5e58..2cf95e4d 100644
--- a/django_airavata/apps/api/authentication.py
+++ b/django_airavata/apps/api/authentication.py
@@ -3,6 +3,7 @@ import logging
from django.contrib.auth import authenticate
from rest_framework import authentication, exceptions
+from django_airavata.apps.auth import utils
from django_airavata.apps.auth.middleware import set_admin_group_attributes
logger = logging.getLogger(__name__)
@@ -21,6 +22,8 @@ class OAuthAuthentication(authentication.BaseAuthentication):
logger.debug(f"OAuthAuthentication authenticated user {user}")
# Set request attributes that are normally set by middleware
+ request.authz_token = utils.get_authz_token(request, user=user, access_token=token)
+ request.user = user
set_admin_group_attributes(request)
return (user, token)
except Exception as e:
diff --git a/django_airavata/apps/auth/middleware.py b/django_airavata/apps/auth/middleware.py
index 46a0d08a..53569325 100644
--- a/django_airavata/apps/auth/middleware.py
+++ b/django_airavata/apps/auth/middleware.py
@@ -35,6 +35,7 @@ def set_admin_group_attributes(request, gateway_groups=None):
"""Set is_gateway_admin and is_read_only_gateway_admin request attrs."""
if gateway_groups is None:
gateway_groups = request.airavata_client.getGatewayGroups(request.authz_token)
+ gateway_groups = copy.deepcopy(gateway_groups.__dict__)
admins_group_id = gateway_groups['adminsGroupId']
read_only_admins_group_id = gateway_groups['readOnlyAdminsGroupId']
group_manager_client = request.profile_service['group_manager']
@@ -66,7 +67,7 @@ def gateway_groups_middleware(get_response):
request.authz_token)
gateway_groups_dict = copy.deepcopy(gateway_groups.__dict__)
request.session['GATEWAY_GROUPS'] = gateway_groups_dict
- set_admin_group_attributes(request, request.session.get("GATEWAY_GROUPS"))
+ set_admin_group_attributes(request, gateway_groups=request.session.get("GATEWAY_GROUPS"))
# Gateway Admins are made 'superuser' in Django so they can edit
# pages in the CMS
if request.is_gateway_admin and (