Add auth to cookie (#964)
When authenticated, the cookie that is set allows the user to stay connected even if the browser is restarted. Fixes #951
main
parent
1759c119a8
commit
baa8bd0eb4
|
@ -48,6 +48,14 @@ def get_search_name(tbm):
|
||||||
def auth_required(f):
|
def auth_required(f):
|
||||||
@wraps(f)
|
@wraps(f)
|
||||||
def decorated(*args, **kwargs):
|
def decorated(*args, **kwargs):
|
||||||
|
# do not ask password if cookies already present
|
||||||
|
if (
|
||||||
|
valid_user_session(session)
|
||||||
|
and 'cookies_disabled' not in request.args
|
||||||
|
and session['auth']
|
||||||
|
):
|
||||||
|
return f(*args, **kwargs)
|
||||||
|
|
||||||
auth = request.authorization
|
auth = request.authorization
|
||||||
|
|
||||||
# Skip if username/password not set
|
# Skip if username/password not set
|
||||||
|
@ -57,6 +65,7 @@ def auth_required(f):
|
||||||
auth
|
auth
|
||||||
and whoogle_user == auth.username
|
and whoogle_user == auth.username
|
||||||
and whoogle_pass == auth.password):
|
and whoogle_pass == auth.password):
|
||||||
|
session['auth'] = True
|
||||||
return f(*args, **kwargs)
|
return f(*args, **kwargs)
|
||||||
else:
|
else:
|
||||||
return make_response('Not logged in', 401, {
|
return make_response('Not logged in', 401, {
|
||||||
|
@ -140,6 +149,7 @@ def before_request_func():
|
||||||
session['config'] = default_config
|
session['config'] = default_config
|
||||||
session['uuid'] = str(uuid.uuid4())
|
session['uuid'] = str(uuid.uuid4())
|
||||||
session['key'] = app.enc_key
|
session['key'] = app.enc_key
|
||||||
|
session['auth'] = False
|
||||||
|
|
||||||
# Establish config values per user session
|
# Establish config values per user session
|
||||||
g.user_config = Config(**session['config'])
|
g.user_config = Config(**session['config'])
|
||||||
|
|
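Review bot: The `session['auth'] = True` added in the second hunk sits in a branch whose condition starts outside the hunk, and the retained comment `# Skip if username/password not set` suggests that branch is also taken when no credentials are configured. If so, every anonymous session is marked authenticated and would keep passing the new early return at the top of `decorated` after an operator later sets a username and password. Setting the flag only when credentials exist and matched, e.g. `session['auth'] = bool(whoogle_user and whoogle_pass)`, avoids that. The flag is also not tied to the current credentials or to any expiry, so changing the password does not appear to end existing sessions; storing a value derived from the configured credentials and comparing it in the early return would cover that case. The early return relies on `valid_user_session(session)`, which is not shown here, so it is only as strong as the session store's protection against client-side modification.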
|
@ -1,7 +1,7 @@
|
||||||
from cryptography.fernet import Fernet
|
from cryptography.fernet import Fernet
|
||||||
from flask import current_app as app
|
from flask import current_app as app
|
||||||
|
|
||||||
REQUIRED_SESSION_VALUES = ['uuid', 'config', 'key']
|
REQUIRED_SESSION_VALUES = ['uuid', 'config', 'key', 'auth']
|
||||||
|
|
||||||
|
|
||||||
def generate_key() -> bytes:
|
def generate_key() -> bytes:
|
||||||
|
|
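Review bot: `'auth'` in `REQUIRED_SESSION_VALUES` is what makes the unguarded `session['auth']` lookup in `auth_required` safe, but nothing at the constant says so. A comment such as `# 'auth' must stay listed: auth_required indexes session['auth'] after valid_user_session()` would keep the two in step. Sessions created before this change lack the key; presumably they fail validation and are rebuilt in `before_request_func`, which is worth confirming since neither function body is fully visible here.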
|
@ -20,4 +20,5 @@ def client():
|
||||||
session['uuid'] = 'test'
|
session['uuid'] = 'test'
|
||||||
session['key'] = app.enc_key
|
session['key'] = app.enc_key
|
||||||
session['config'] = {}
|
session['config'] = {}
|
||||||
|
session['auth'] = False
|
||||||
yield client
|
yield client
|
||||||
|
|
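Review bot: The fixture seeds only `session['auth'] = False`, and no test visible in this commit exercises the new early-return branch in `auth_required`. Two cases would pin the behaviour: a session with `auth` set to True reaches the view without an Authorization header, and the same session with `cookies_disabled` in the query string is still answered with 401 when credentials are configured. The `client()` fixture begins outside the hunk.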