Mercurial > kallithea

changeset 5254:d052078e0a16

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
BaseController: refactor API key authentication Untangle API key authentication. Creating an AuthUser from an API key can leave the AuthUser authenticated or not, depending on key validity and Kallithea configuration; but either way, _determine_auth_user will not change this fact, and we can return early.
author Søren Løvborg <kwi@kwi.dk>
date Tue, 14 Jul 2015 13:59:59 +0200
parents ad89cd5a6e1a
children ad70180effaf
files kallithea/lib/base.py
diffstat 1 files changed, 5 insertions(+), 3 deletions(-) [+]
line wrap: on
line diff
--- a/kallithea/lib/base.py	Tue Jul 14 13:59:59 2015 +0200
+++ b/kallithea/lib/base.py	Tue Jul 14 13:59:59 2015 +0200
@@ -346,11 +346,13 @@
         API key (if any), and the authuser from the session.
         """
 
+        # Authenticate by API key
         if api_key:
             # when using API_KEY we are sure user exists.
-            auth_user = AuthUser(api_key=api_key)
-            authenticated = False
-        else:
+            return AuthUser(api_key=api_key)
+
+        # Authenticate by session cookie
+        if True:
             cookie_store = CookieStoreWrapper(session_authuser)
             user_id = cookie_store.get('user_id')
             try: