vbatts/quay
Archived
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

Delegated superuser API access

Browse source 
Add a new scope for SUPERUSER that allows delegated access to the superuser endpoints. CA needs this so they can programmatically create and remove users.
This commit is contained in:
Joseph Schorr 2015-06-28 11:22:34 +03:00
parent d9ce8fdf52
commit 87efcb9e3d
4 changed files with 41 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

4
endpoints/api/__init__.py
View file

@ -308,6 +308,10 @@ def require_fresh_login(func):
if not user:
raise Unauthorized()
oauth_token = get_validated_oauth_token()
if oauth_token:
return func(*args, **kwargs)
logger.debug('Checking fresh login for user %s', user.username)
last_login = session.get('login_time', datetime.datetime.min)