changeset 5324:7e8d80882865
auth: refactor user lookup in AuthUser constructor for clarity

First, note that `fill_data` checks that the specified `db.User` is
`active` before copying anything, and returns False if not.

Now, previously when calling e.g. `AuthUser(user_id=anonymous_user_id)`,
`_propagate_data` would explicitly refuse to look up the anonymous
user, but then fall back to the anonymous user anyway (if `active`),
or use None values (if not `active`).

Given the same situation, the new code simply looks up the anonymous
user like it would any other user, and copies data using `fill_data`.
If the anonymous user is not `active`, we fall back to the existing
code path and behave as before (that is, use None values).

author | Søren Løvborg <kwi@kwi.dk> |
---|---|
date | Sun, 26 Jul 2015 13:58:50 +0200 |
parents | 81d8affd08f4 |
children | fd3e1ca9cce9 |
files | kallithea/lib/auth.py |
diffstat | 1 files changed, 14 insertions(+), 11 deletions(-) |
--- a/kallithea/lib/auth.py Sun Jul 26 13:58:50 2015 +0200 +++ b/kallithea/lib/auth.py Sun Jul 26 13:58:50 2015 +0200 @@ -506,28 +506,31 @@ is_user_loaded = False # lookup by userid - if self.user_id is not None and self.user_id != self.anonymous_user.user_id: + if self.user_id is not None: log.debug('Auth User lookup by USER ID %s' % self.user_id) is_user_loaded = user_model.fill_data(self, user_model.get(self.user_id)) # try go get user by API key - elif self._api_key and self._api_key != self.anonymous_user.api_key: + elif self._api_key: log.debug('Auth User lookup by API key %s' % self._api_key) is_user_loaded = user_model.fill_data(self, User.get_by_api_key(self._api_key)) else: log.debug('No data in %s that could been used to log in' % self) + # If user cannot be found, try falling back to anonymous. if not is_user_loaded: - # if we cannot authenticate user try anonymous - if self.anonymous_user.active: - user_model.fill_data(self, self.anonymous_user) - # then we set this user is logged in - self.is_authenticated = True - else: - self.user_id = None - self.username = None - self.is_authenticated = False + is_user_loaded = user_model.fill_data(self, self.anonymous_user) + + # Still no luck? Give up. + if not is_user_loaded: + self.user_id = None + self.username = None + self.is_authenticated = False + + # The anonymous user is always "logged in". + if self.user_id == self.anonymous_user.user_id: + self.is_authenticated = True if not self.username: self.username = 'None'
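
Review bot: In the `elif self._api_key:` branch the `!= self.anonymous_user.api_key` guard is dropped, but the commit message only argues equivalence for the `user_id` case; please state in the message or in a comment that the API-key path is covered by the same reasoning (`fill_data` returns False for an inactive user, and the new `self.user_id == self.anonymous_user.user_id` check is what sets `is_authenticated`). That final check is only correct because the "Still no luck? Give up." block resets `self.user_id` to None before it runs, so a short comment on the ordering would protect against someone reordering the two blocks later. Separately, the unchanged context line `log.debug('Auth User lookup by API key %s' % self._api_key)` writes the full key to the debug log; while this branch is being touched, consider logging only a short prefix of the key or leaving the value out.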