diff options
author | Bryan Newbold <bnewbold@robocracy.org> | 2019-04-09 10:58:54 -0700 |
---|---|---|
committer | Bryan Newbold <bnewbold@robocracy.org> | 2019-04-09 10:58:54 -0700 |
commit | 81aa93d574f9c8b2d92a47d41dd556cf2c3e8a37 (patch) | |
tree | 0380e21f97fc599bcd8f37743ff1000b60b987b5 /python | |
parent | 2a72864a8e39a2a45c00840ae0eff005d0735eae (diff) | |
download | fatcat-81aa93d574f9c8b2d92a47d41dd556cf2c3e8a37.tar.gz fatcat-81aa93d574f9c8b2d92a47d41dd556cf2c3e8a37.zip |
verify auth on account page (via auth_check())
Diffstat (limited to 'python')
-rw-r--r-- | python/fatcat_web/routes.py | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/python/fatcat_web/routes.py b/python/fatcat_web/routes.py index 3479a937..422d121e 100644 --- a/python/fatcat_web/routes.py +++ b/python/fatcat_web/routes.py @@ -650,7 +650,11 @@ def logout(): @app.route('/auth/account') @login_required def auth_account(): - editor = api.get_editor(session['editor']['editor_id']) + # auth check on account page + user_api = auth_api(session['api_token']) + resp = user_api.auth_check() + assert(resp.success) + editor = user_api.get_editor(session['editor']['editor_id']) session['editor'] = editor.to_dict() load_user(editor.editor_id) return render_template('auth_account.html') |