dffdd

2021-07-31 06:30:25 +02:00 · 2021-07-31 06:30:25 +02:00 · 131b2f05a1
parent 3882fb0006
commit 131b2f05a1
2 changed files with 21 additions and 37 deletions
--- a/drama/helpers/wrappers.py
+++ b/drama/helpers/wrappers.py
@ -9,39 +9,7 @@ def get_logged_in_user(db=None):
 	if not db:
 		db=g.db

-	if request.path.startswith("/api/v1"):
-
-		token = request.headers.get("Authorization")
-		if not token:
-
-			#let admins hit api/v1 from browser
-			# x=request.session.get('user_id')
-			# nonce=request.session.get('login_nonce')
-			# if not x or not nonce:
-			#	 return None, None
-			# user=g.db.query(User).filter_by(id=x).first()
-			# if not user:
-			#	 return None, None
-			# if user.admin_level >=3 and nonce>=user.login_nonce:
-			#	 return user, None
-			return None, None
-
-		token = token.split()
-		if len(token) < 2:
-			return None, None
-
-		token = token[1]
-		if not token:
-			return None, None
-
-		client = db.query(ClientAuth).filter(
-			ClientAuth.access_token == token).first()
-			#ClientAuth.access_token_expire_utc > int(time.time()
-
-		x = (client.user, client) if client else (None, None)
-
-
-	elif "user_id" in session:
+	if "user_id" in session:

 		uid = session.get("user_id")
 		nonce = session.get("login_nonce", 0)
@ -62,13 +30,29 @@ def get_logged_in_user(db=None):
 			x=(v, None)

 	else:
-		x=(None, None)
+		token = request.headers.get("Authorization")
+		if not token: return None, None

-	if x[0]:
-		x[0].client=x[1]
+		token = token.split()
+		if len(token) < 2:
+			return None, None
+
+		token = token[1]
+		if not token:
+			return None, None
+
+		client = db.query(ClientAuth).filter(
+			ClientAuth.access_token == token).first()
+			#ClientAuth.access_token_expire_utc > int(time.time()
+
+		x = (client.user, client) if client else (None, None)
+
+
+	if x[0]: x[0].client=x[1]

 	return x

+
 def check_ban_evade(v):

 	if not v or not v.ban_evade or v.admin_level > 0:
--- a/drama/routes/front.py
+++ b/drama/routes/front.py
@ -215,7 +215,7 @@ def front_all(v):
 	# check if ids exist
 	posts = get_posts(ids, v=v)

-	if request.path == "/": return render_template("home.html", v=v, listing=posts, next_exists=next_exists, sort=sort, t=t, page=page)
+	if "user_id" in session: return render_template("home.html", v=v, listing=posts, next_exists=next_exists, sort=sort, t=t, page=page)
 	else: return jsonify({"data": [x.json for x in posts], "next_exists": next_exists})

@cache.memoize(timeout=1500)