diff options
| author | Bryan Newbold <bnewbold@robocracy.org> | 2019-04-09 10:58:54 -0700 | 
|---|---|---|
| committer | Bryan Newbold <bnewbold@robocracy.org> | 2019-04-09 10:58:54 -0700 | 
| commit | 81aa93d574f9c8b2d92a47d41dd556cf2c3e8a37 (patch) | |
| tree | 0380e21f97fc599bcd8f37743ff1000b60b987b5 | |
| parent | 2a72864a8e39a2a45c00840ae0eff005d0735eae (diff) | |
| download | fatcat-81aa93d574f9c8b2d92a47d41dd556cf2c3e8a37.tar.gz fatcat-81aa93d574f9c8b2d92a47d41dd556cf2c3e8a37.zip | |
verify auth on account page (via auth_check())
| -rw-r--r-- | python/fatcat_web/routes.py | 6 | 
1 files changed, 5 insertions, 1 deletions
| diff --git a/python/fatcat_web/routes.py b/python/fatcat_web/routes.py index 3479a937..422d121e 100644 --- a/python/fatcat_web/routes.py +++ b/python/fatcat_web/routes.py @@ -650,7 +650,11 @@ def logout():  @app.route('/auth/account')  @login_required  def auth_account(): -    editor = api.get_editor(session['editor']['editor_id']) +    # auth check on account page +    user_api = auth_api(session['api_token']) +    resp = user_api.auth_check() +    assert(resp.success) +    editor = user_api.get_editor(session['editor']['editor_id'])      session['editor'] = editor.to_dict()      load_user(editor.editor_id)      return render_template('auth_account.html') | 
