changeset 5324:7e8d80882865

auth: refactor user lookup in AuthUser constructor for clarity First, note that `fill_data` checks that the specified `db.User` is `active` before copying anything, and returns False if not. Now, previously when calling e.g. `AuthUser(user_id=anonymous_user_id)`, `_propagate_data` would explicitly refuse to look up the anonymous user, but then fall back to the anonymous user anyway (if `active`), or use None values (if not `active`). Given the same situation, the new code simply looks up the anonymous user like it would any other user, and copies data using `fill_data`. If the anonymous user is not `active`, we fall back to the existing code path and behave as before (that is, use None values).
author Søren Løvborg <kwi@kwi.dk>
date Sun, 26 Jul 2015 13:58:50 +0200
parents 81d8affd08f4
children fd3e1ca9cce9
files kallithea/lib/auth.py
diffstat 1 files changed, 14 insertions(+), 11 deletions(-) [+]
--- a/kallithea/lib/auth.py	Sun Jul 26 13:58:50 2015 +0200
+++ b/kallithea/lib/auth.py	Sun Jul 26 13:58:50 2015 +0200
@@ -506,28 +506,31 @@
         is_user_loaded = False
 
         # lookup by userid
-        if self.user_id is not None and self.user_id != self.anonymous_user.user_id:
+        if self.user_id is not None:
             log.debug('Auth User lookup by USER ID %s' % self.user_id)
             is_user_loaded = user_model.fill_data(self, user_model.get(self.user_id))
 
         # try go get user by API key
-        elif self._api_key and self._api_key != self.anonymous_user.api_key:
+        elif self._api_key:
             log.debug('Auth User lookup by API key %s' % self._api_key)
             is_user_loaded = user_model.fill_data(self, User.get_by_api_key(self._api_key))
 
         else:
             log.debug('No data in %s that could been used to log in' % self)
 
+        # If user cannot be found, try falling back to anonymous.
         if not is_user_loaded:
-            # if we cannot authenticate user try anonymous
-            if self.anonymous_user.active:
-                user_model.fill_data(self, self.anonymous_user)
-                # then we set this user is logged in
-                self.is_authenticated = True
-            else:
-                self.user_id = None
-                self.username = None
-                self.is_authenticated = False
+            is_user_loaded =  user_model.fill_data(self, self.anonymous_user)
+
+        # Still no luck? Give up.
+        if not is_user_loaded:
+            self.user_id = None
+            self.username = None
+            self.is_authenticated = False
+
+        # The anonymous user is always "logged in".
+        if self.user_id == self.anonymous_user.user_id:
+            self.is_authenticated = True
 
         if not self.username:
             self.username = 'None'
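Review bot: The line `log.debug('Auth User lookup by API key %s' % self._api_key)` under the changed `elif self._api_key:` writes the full API key to the debug log, and with the anonymous-key exclusion removed, every non-empty key presented now reaches it, so anyone who can read the logs can reuse a valid key. Log the event without the secret, e.g. `log.debug('Auth User lookup by API key')`, or at most a short non-reversible fingerprint of the key. Separately, the new `if self.user_id == self.anonymous_user.user_id:` check only sets `is_authenticated` correctly if `fill_data` copies `user_id` onto `self`, which this hunk does not show; a comment such as `# relies on fill_data() having copied user_id from the loaded user` would make that dependency explicit. Minor style point: `is_user_loaded =  user_model.fill_data(self, self.anonymous_user)` has a doubled space after `=`. The enclosing method begins and ends outside the hunk, so how `is_authenticated` is initialised for non-anonymous users cannot be checked from here.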