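def process_view(self, request, view_func, *view_args, **view_kwargs):
    """Attach a ``Context`` to the request, with user credentials when a JWT is present.

    Returns:
        The error object from ``self._get_auth_token`` when token extraction
        reports one; a ``CustomMassenergizeError`` wrapping any exception
        raised in the body (token decoding failures included); otherwise
        nothing is returned and ``request.context`` has been set.
    """
    try:
        # extract JWT auth token
        id_token, err = self._get_auth_token(request)
        if err:
            return err

        # add a context: (this will contain all info about this user's session)
        ctx = Context()

        # set request body
        ctx.set_request_body(request)

        if id_token:
            # NOTE(review): assuming `jwt` is PyJWT, decode() takes
            # `algorithms` (a list of accepted algorithms). The singular
            # `algorithm` is the encode() keyword and does not restrict
            # verification to HS256, so the allow-list is passed explicitly.
            decoded_token = jwt.decode(id_token, SECRET_KEY, algorithms=['HS256'])

            # at this point the user has an active session
            ctx.set_user_credentials(decoded_token)

        # Set for every request, with or without a token: a request that
        # carries no token still reaches the view with an empty context.
        request.context = ctx

        # TODO: enforce all requests accessing resources are always logged in first

    except Exception as e:
        return CustomMassenergizeError(e)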
def process_view(self, request, view_func, *view_args, **view_kwargs):
    """Build the per-request ``Context`` and attach it as ``request.context``.

    The JWT is read from the ``token`` cookie. When decoding reports an
    error, the ``token`` cookie is deleted on that error object and the
    error is returned. Any exception raised in the body is reported through
    ``capture_message`` and returned wrapped in ``CustomMassenergizeError``.
    On the success path nothing is returned.
    """
    try:
        # The context carries the request body and, when a valid token is
        # present, this user's session info.
        ctx = Context()
        ctx.set_request_body(request)

        # The result is not used below; the call is kept as in the original.
        path = self._get_clean_path(request)

        # extract JWT auth token
        token = request.COOKIES.get('token')
        if token:
            claims, failure = self._get_decoded_token(token)
            if failure:
                failure.delete_cookie('token')
                return failure

            # at this point the user has an active session
            ctx.set_user_credentials(claims)

            if ctx.user_is_admin():
                if ctx.is_admin_site:
                    # Extend work time when working on the Admin portal so
                    # work is not lost.
                    one_day_seconds = 24 * 60 * 60
                    refreshed = MassenergizeResponse(None)
                    # BHN: I'm not sure why the cookie needs to be deleted first
                    # but set_cookie doesn't keep it from expiring as I expected
                    # NOTE(review): `refreshed` is neither returned nor stored
                    # in this method, so as written the renewed cookie does
                    # not appear to reach the client - confirm.
                    # NOTE(review): no httponly/secure arguments are passed
                    # for this session cookie; verify whether they are
                    # applied elsewhere.
                    refreshed.delete_cookie("token")
                    refreshed.set_cookie(
                        "token",
                        value=token,
                        max_age=one_day_seconds,
                        samesite='Strict',
                    )

        request.context = ctx

    except Exception as exc:
        capture_message(str(exc), level="error")
        return CustomMassenergizeError(exc)