Make sure robot accounts never validate when checking the auth cookie

2013-11-22 20:23:46 -05:00 · 2013-11-22 20:23:46 -05:00 · 9577b428e9
commit 9577b428e9
parent 4faf782f01
1 changed files with 4 additions and 0 deletions
--- a/endpoints/api.py
+++ b/endpoints/api.py
@ -44,6 +44,10 @@ def api_login_required(f):
        current_user.db_user().organization):
      abort(401)

+    if (current_user and current_user.db_user() and
+        current_user.db_user().robot):
+      abort(401)
+
    return f(*args, **kwargs)
  return decorated_view