##// END OF EJS Templates
sessions: don't touch session for API calls.
marcink -
r3749:7da1bd06 new-ui
parent child Browse files
Show More
@@ -374,20 +374,25 b' def attach_context_attributes(context, r'
374 374 "sideside": "sideside"
375 375 }.get(request.GET.get('diffmode'))
376 376
377 if diffmode and diffmode != request.session.get('rc_user_session_attr.diffmode'):
378 request.session['rc_user_session_attr.diffmode'] = diffmode
379
380 # session settings per user
377 is_api = hasattr(request, 'rpc_user')
381 378 session_attrs = {
382 379 # defaults
383 380 "clone_url_format": "http",
384 381 "diffmode": "sideside"
385 382 }
386 for k, v in request.session.items():
387 pref = 'rc_user_session_attr.'
388 if k and k.startswith(pref):
389 k = k[len(pref):]
390 session_attrs[k] = v
383
384 if not is_api:
385 # don't access pyramid session for API calls
386 if diffmode and diffmode != request.session.get('rc_user_session_attr.diffmode'):
387 request.session['rc_user_session_attr.diffmode'] = diffmode
388
389 # session settings per user
390
391 for k, v in request.session.items():
392 pref = 'rc_user_session_attr.'
393 if k and k.startswith(pref):
394 k = k[len(pref):]
395 session_attrs[k] = v
391 396
392 397 context.user_session_attrs = session_attrs
393 398
@@ -419,8 +424,12 b' def attach_context_attributes(context, r'
419 424 'extra': {'plugins': {}}
420 425 }
421 426 # END CONFIG VARS
427 if is_api:
428 csrf_token = None
429 else:
430 csrf_token = auth.get_csrf_token(session=request.session)
422 431
423 context.csrf_token = auth.get_csrf_token(session=request.session)
432 context.csrf_token = csrf_token
424 433 context.backends = rhodecode.BACKENDS.keys()
425 434 context.backends.sort()
426 435 unread_count = 0
General Comments 0
You need to be logged in to leave comments. Login now