Show More
@@ -459,9 +459,14 b' def get_auth_user(request):' | |||
|
459 | 459 | session = request.session |
|
460 | 460 | |
|
461 | 461 | ip_addr = get_ip_addr(environ) |
|
462 | ||
|
462 | 463 | # make sure that we update permissions each time we call controller |
|
463 | _auth_token = (request.GET.get('auth_token', '') or | |
|
464 | request.GET.get('api_key', '')) | |
|
464 | _auth_token = (request.GET.get('auth_token', '') or request.GET.get('api_key', '')) | |
|
465 | if not _auth_token: | |
|
466 | url_auth_token = request.matchdict.get('_auth_token') | |
|
467 | _auth_token = url_auth_token | |
|
468 | if _auth_token: | |
|
469 | log.debug('Using URL extracted auth token `...%s`', _auth_token[-4:]) | |
|
465 | 470 | |
|
466 | 471 | if _auth_token: |
|
467 | 472 | # when using API_KEY we assume user exists, and |
@@ -495,7 +500,7 b' def get_auth_user(request):' | |||
|
495 | 500 | # user is not authenticated and not empty |
|
496 | 501 | auth_user.set_authenticated(authenticated) |
|
497 | 502 | |
|
498 | return auth_user | |
|
503 | return auth_user, _auth_token | |
|
499 | 504 | |
|
500 | 505 | |
|
501 | 506 | def h_filter(s): |
@@ -95,8 +95,9 b' def add_request_user_context(event):' | |||
|
95 | 95 | # skip api calls |
|
96 | 96 | return |
|
97 | 97 | |
|
98 | auth_user = get_auth_user(request) | |
|
98 | auth_user, auth_token = get_auth_user(request) | |
|
99 | 99 | request.user = auth_user |
|
100 | request.user_auth_token = auth_token | |
|
100 | 101 | request.environ['rc_auth_user'] = auth_user |
|
101 | 102 | request.environ['rc_auth_user_id'] = auth_user.user_id |
|
102 | 103 | request.environ['rc_req_id'] = req_id |
General Comments 0
You need to be logged in to leave comments.
Login now