Пример #1
0
def _resolve_user_in_https_frame(handler):
    """Determine the current logged in user for the HTTPS request.

    This has logic in additional to UserData.current(), since it should also
    accept TransferAuthTokens, since HTTPS requests may not have normal HTTP
    cookies sent.
    """

    user_data = UserData.current()
    if user_data:
        return user_data

    if not App.is_dev_server and not handler.request.uri.startswith('https'):
        return None

    # On https, users aren't recognized through the normal means of cookie auth
    # since their cookies were set on HTTP domains.
    token_value = handler.request_string("transfer_token", default=None)
    return TransferAuthToken.get_user_for_value(
        token_value, UserData.get_from_user_id)
Пример #2
0
def _resolve_user_in_https_frame(handler):
    """Determine the current logged in user for the HTTPS request.

    This has logic in additional to UserData.current(), since it should also
    accept TransferAuthTokens, since HTTPS requests may not have normal HTTP
    cookies sent.
    """

    user_data = UserData.current()
    if user_data:
        return user_data

    if not App.is_dev_server and not handler.request.uri.startswith('https'):
        return None

    # On https, users aren't recognized through the normal means of cookie auth
    # since their cookies were set on HTTP domains.
    token_value = handler.request_string("transfer_token", default=None)
    return TransferAuthToken.get_user_for_value(token_value,
                                                UserData.get_from_user_id)