From 9577b428e94c3a318378df0e464eb37712434519 Mon Sep 17 00:00:00 2001
From: Joseph Schorr <jschorr@gmail.com>
Date: Fri, 22 Nov 2013 20:23:46 -0500
Subject: [PATCH] Make sure robot accounts never validate when checking the
 auth cookie

---
 endpoints/api.py | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/endpoints/api.py b/endpoints/api.py
index 22300cb52..5f929aca2 100644
--- a/endpoints/api.py
+++ b/endpoints/api.py
@@ -44,6 +44,10 @@ def api_login_required(f):
         current_user.db_user().organization):
       abort(401)
 
+    if (current_user and current_user.db_user() and
+        current_user.db_user().robot):
+      abort(401)
+
     return f(*args, **kwargs)
   return decorated_view