Mercurial > kallithea

changeset 7704:6104f9106a5a

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
auth: drop authenticating_api_key from AuthUser It doesn't belong as a user property - it is more of a session property ... which is what we already use instead.
author Mads Kiilerich <mads@kiilerich.com>
date Fri, 04 Jan 2019 03:51:45 +0100
parents 5c5f0eb45681
children cad3185863e0
files kallithea/lib/auth.py kallithea/lib/base.py
diffstat 2 files changed, 4 insertions(+), 7 deletions(-) [+]
line wrap: on
line diff
--- a/kallithea/lib/auth.py	Fri Jan 04 03:51:38 2019 +0100
+++ b/kallithea/lib/auth.py	Fri Jan 04 03:51:45 2019 +0100
@@ -399,7 +399,7 @@
     """
 
     @classmethod
-    def make(cls, dbuser=None, authenticating_api_key=None, is_external_auth=False, ip_addr=None):
+    def make(cls, dbuser=None, is_external_auth=False, ip_addr=None):
         """Create an AuthUser to be authenticated ... or return None if user for some reason can't be authenticated.
         Checks that a non-None dbuser is provided, is active, and that the IP address is ok.
         """
@@ -414,13 +414,10 @@
         if not check_ip_access(source_ip=ip_addr, allowed_ips=allowed_ips):
             log.info('Access for %s from %s forbidden - not in %s', dbuser.username, ip_addr, allowed_ips)
             return None
-        return cls(dbuser=dbuser, authenticating_api_key=authenticating_api_key,
-            is_external_auth=is_external_auth)
+        return cls(dbuser=dbuser, is_external_auth=is_external_auth)
 
-    def __init__(self, user_id=None, dbuser=None, authenticating_api_key=None,
-            is_external_auth=False):
+    def __init__(self, user_id=None, dbuser=None, is_external_auth=False):
         self.is_external_auth = is_external_auth # container auth - don't show logout option
-        self.authenticating_api_key = authenticating_api_key
 
         # These attributes will be overridden by fill_data, below, unless the
         # requested user cannot be found and the default anonymous user is
--- a/kallithea/lib/base.py	Fri Jan 04 03:51:38 2019 +0100
+++ b/kallithea/lib/base.py	Fri Jan 04 03:51:45 2019 +0100
@@ -486,7 +486,7 @@
                 if dbuser is None:
                     log.info('No db user found for authentication with API key ****%s from %s',
                              api_key[-4:], ip_addr)
-                authuser = AuthUser.make(dbuser=dbuser, authenticating_api_key=api_key, is_external_auth=True, ip_addr=ip_addr)
+                authuser = AuthUser.make(dbuser=dbuser, is_external_auth=True, ip_addr=ip_addr)
                 needs_csrf_check = False # API key provides CSRF protection
 
             if authuser is None: