moved the hook to add the cookies to the response into the base class to avoid re-coding it in every place it is needed.

2019-02-04 15:04:22 -06:00 · 2019-02-04 15:04:22 -06:00 · aea9851116
parent 70ccab71de
commit aea9851116
2 changed files with 8 additions and 14 deletions
--- a/api/sso/sso_api/endpoints/authenticate_internal.py
+++ b/api/sso/sso_api/endpoints/authenticate_internal.py
@ -8,8 +8,6 @@ authentication, which uses a 3rd party authentication, like Google.
 from binascii import a2b_base64
 from http import HTTPStatus

-from flask import after_this_request
-
 from selene.account import Account, AccountRepository, RefreshTokenRepository
 from selene.api import SeleneEndpoint
 from selene.util.auth import AuthenticationError
@ -30,21 +28,12 @@ class AuthenticateInternalEndpoint(SeleneEndpoint):
            self._authenticate_credentials()
            access_token, refresh_token = self._generate_tokens()
            self._add_refresh_token_to_db(refresh_token)
-            cookies = self._generate_token_cookies(access_token, refresh_token)
+            self._generate_token_cookies(access_token, refresh_token)
        except AuthenticationError as ae:
-            cookies = None
            self.response = (str(ae), HTTPStatus.UNAUTHORIZED)
        else:
            self._build_response()

-        @after_this_request
-        def set_cookies(response):
-            if cookies is not None:
-                access_token_cookie, refresh_token_cookie = cookies
-                response.set_cookie(**access_token_cookie)
-                response.set_cookie(**refresh_token_cookie)
-            return response
-
        return self.response

    def _authenticate_credentials(self):
--- a/shared/selene/api/base_endpoint.py
+++ b/shared/selene/api/base_endpoint.py
@ -2,7 +2,7 @@

 from http import HTTPStatus

-from flask import request, current_app
+from flask import after_this_request, current_app, request
 from flask_restful import Resource

 from selene.account import Account, AccountRepository, RefreshTokenRepository
@ -138,7 +138,12 @@ class SeleneEndpoint(Resource):
            httponly=True
        )

-        return access_token_cookie, refresh_token_cookie
+        @after_this_request
+        def set_cookies(response):
+            response.set_cookie(**access_token_cookie)
+            response.set_cookie(**refresh_token_cookie)
+
+            return response

    def _update_refresh_token_on_db(self, new_refresh_token):
        old_refresh_token = self.request.cookies['seleneRefresh']