Refactor our auth handling code to be cleaner
Breaks out the validation code from the auth context modification calls, makes decorators easier to define and adds testing for each individual piece. Will be the basis of better error messaging in the following change.
This commit is contained in:
parent
1bd4422da9
commit
651666b60b
18 changed files with 830 additions and 455 deletions
|
@ -9,10 +9,11 @@ from flask import request, make_response, jsonify, session
|
|||
from data.interfaces.v1 import pre_oci_model as model
|
||||
from app import authentication, userevents, metric_queue
|
||||
from auth.auth_context import get_authenticated_user, get_validated_token, get_validated_oauth_token
|
||||
from auth.decorators import process_auth, generate_signed_token
|
||||
from auth.decorators import process_auth
|
||||
from auth.permissions import (ModifyRepositoryPermission, UserAdminPermission,
|
||||
ReadRepositoryPermission, CreateRepositoryPermission,
|
||||
repository_read_grant, repository_write_grant)
|
||||
from auth.signedgrant import generate_signed_token
|
||||
from util.http import abort
|
||||
from util.names import REPOSITORY_NAME_REGEX
|
||||
from endpoints.common import parse_repository_name
|
||||
|
|
|
@ -14,8 +14,8 @@ from app import (app, billing as stripe, build_logs, avatar, signer, log_archive
|
|||
get_app_url, instance_keys, user_analytics)
|
||||
from auth import scopes
|
||||
from auth.auth_context import get_authenticated_user
|
||||
from auth.decorators import (has_basic_auth, require_session_login, process_oauth,
|
||||
process_auth_or_cookie)
|
||||
from auth.basic import has_basic_auth
|
||||
from auth.decorators import require_session_login, process_oauth, process_auth_or_cookie
|
||||
from auth.permissions import (AdministerOrganizationPermission, ReadRepositoryPermission,
|
||||
SuperUserPermission, AdministerRepositoryPermission,
|
||||
ModifyRepositoryPermission, OrganizationMemberPermission)
|
||||
|
|
Reference in a new issue