simplify login ttl processing

2025-07-29 13:49:57 +00:00 · 2023-02-23 17:54:30 +02:00
parent 13faf66bdb
commit a274f91677
7 changed files with 17 additions and 225 deletions
--- a/src/ahriman/web/middlewares/auth_handler.py
+++ b/src/ahriman/web/middlewares/auth_handler.py
@ -33,7 +33,6 @@ from typing import Optional
 from ahriman.core.auth import Auth
 from ahriman.core.configuration import Configuration
 from ahriman.models.user_access import UserAccess
-from ahriman.models.user_identity import UserIdentity
 from ahriman.web.middlewares import HandlerType, MiddlewareType


@ -67,10 +66,7 @@ class AuthorizationPolicy(aiohttp_security.AbstractAuthorizationPolicy):  # type
        Returns:
            Optional[str]: user identity (username) in case if user exists and None otherwise
        """
-        user = UserIdentity.from_identity(identity)
-        if user is None:
-            return None
-        return user.username if await self.validator.known_username(user.username) else None
+        return identity if await self.validator.known_username(identity) else None

    async def permits(self, identity: str, permission: UserAccess, context: Optional[str] = None) -> bool:
        """
@ -84,10 +80,7 @@ class AuthorizationPolicy(aiohttp_security.AbstractAuthorizationPolicy):  # type
        Returns:
            bool: True in case if user is allowed to perform this request and False otherwise
        """
-        user = UserIdentity.from_identity(identity)
-        if user is None:
-            return False
-        return await self.validator.verify_access(user.username, permission, context)
+        return await self.validator.verify_access(identity, permission, context)


 def auth_handler(allow_read_only: bool) -> MiddlewareType:
--- a/src/ahriman/web/views/user/login.py
+++ b/src/ahriman/web/views/user/login.py
@ -21,7 +21,6 @@ from aiohttp.web import HTTPFound, HTTPMethodNotAllowed, HTTPUnauthorized

 from ahriman.core.auth.helpers import remember
 from ahriman.models.user_access import UserAccess
-from ahriman.models.user_identity import UserIdentity
 from ahriman.web.views.base import BaseView


@ -64,10 +63,9 @@ class LoginView(BaseView):
            raise HTTPFound(oauth_provider.get_oauth_url())

        response = HTTPFound("/")
-        username = await oauth_provider.get_oauth_username(code)
-        identity = UserIdentity.from_username(username, self.validator.max_age)
-        if identity is not None and await self.validator.known_username(username):
-            await remember(self.request, response, identity.to_identity())
+        identity = await oauth_provider.get_oauth_username(code)
+        if identity is not None and await self.validator.known_username(identity):
+            await remember(self.request, response, identity)
            raise response

        raise HTTPUnauthorized()
@ -111,12 +109,11 @@ class LoginView(BaseView):
                302: Found
        """
        data = await self.extract_data()
-        username = data.get("username")
+        identity = data.get("username")

        response = HTTPFound("/")
-        identity = UserIdentity.from_username(username, self.validator.max_age)
-        if identity is not None and await self.validator.check_credentials(username, data.get("password")):
-            await remember(self.request, response, identity.to_identity())
+        if identity is not None and await self.validator.check_credentials(identity, data.get("password")):
+            await remember(self.request, response, identity)
            raise response

        raise HTTPUnauthorized()