Inline issue_access_token (#5659)
this is only used in one place, so it's clearer if we inline it and reduce the API surface. Also, fixes a buglet where we would create an access token even if we were about to block the user (we would never return the AT, so the user could never use it, but it was still created and added to the db.)
This commit is contained in:
parent
8ab3444fdf
commit
1890cfcf82
|
@ -0,0 +1 @@
|
||||||
|
Inline issue_access_token.
|
|
@ -578,9 +578,11 @@ class AuthHandler(BaseHandler):
|
||||||
StoreError if there was a problem storing the token.
|
StoreError if there was a problem storing the token.
|
||||||
"""
|
"""
|
||||||
logger.info("Logging in user %s on device %s", user_id, device_id)
|
logger.info("Logging in user %s on device %s", user_id, device_id)
|
||||||
access_token = yield self.issue_access_token(user_id, device_id)
|
|
||||||
yield self.auth.check_auth_blocking(user_id)
|
yield self.auth.check_auth_blocking(user_id)
|
||||||
|
|
||||||
|
access_token = self.macaroon_gen.generate_access_token(user_id)
|
||||||
|
yield self.store.add_access_token_to_user(user_id, access_token, device_id)
|
||||||
|
|
||||||
# the device *should* have been registered before we got here; however,
|
# the device *should* have been registered before we got here; however,
|
||||||
# it's possible we raced against a DELETE operation. The thing we
|
# it's possible we raced against a DELETE operation. The thing we
|
||||||
# really don't want is active access_tokens without a record of the
|
# really don't want is active access_tokens without a record of the
|
||||||
|
@ -831,12 +833,6 @@ class AuthHandler(BaseHandler):
|
||||||
defer.returnValue(None)
|
defer.returnValue(None)
|
||||||
defer.returnValue(user_id)
|
defer.returnValue(user_id)
|
||||||
|
|
||||||
@defer.inlineCallbacks
|
|
||||||
def issue_access_token(self, user_id, device_id=None):
|
|
||||||
access_token = self.macaroon_gen.generate_access_token(user_id)
|
|
||||||
yield self.store.add_access_token_to_user(user_id, access_token, device_id)
|
|
||||||
defer.returnValue(access_token)
|
|
||||||
|
|
||||||
@defer.inlineCallbacks
|
@defer.inlineCallbacks
|
||||||
def validate_short_term_login_token_and_get_user_id(self, login_token):
|
def validate_short_term_login_token_and_get_user_id(self, login_token):
|
||||||
auth_api = self.hs.get_auth()
|
auth_api = self.hs.get_auth()
|
||||||
|
|
|
@ -244,7 +244,7 @@ class AuthTestCase(unittest.TestCase):
|
||||||
USER_ID = "@percy:matrix.org"
|
USER_ID = "@percy:matrix.org"
|
||||||
self.store.add_access_token_to_user = Mock()
|
self.store.add_access_token_to_user = Mock()
|
||||||
|
|
||||||
token = yield self.hs.handlers.auth_handler.issue_access_token(
|
token = yield self.hs.handlers.auth_handler.get_access_token_for_user_id(
|
||||||
USER_ID, "DEVICE"
|
USER_ID, "DEVICE"
|
||||||
)
|
)
|
||||||
self.store.add_access_token_to_user.assert_called_with(USER_ID, token, "DEVICE")
|
self.store.add_access_token_to_user.assert_called_with(USER_ID, token, "DEVICE")
|
||||||
|
|
Loading…
Reference in New Issue