Strategická: Přihlašování tokenem kdekoliv

Zejména z důvodu generování animace
2 years ago · 26894cd256
1 changed files with 7 additions and 10 deletions
--- a/server/hra/web/init.py
+++ b/server/hra/web/init.py
@ -59,16 +59,13 @@ def init_request():
    user = None
    g.user = None
    g.org = False
-    if path.startswith('/api/'):
-        token = request.args.get('token')
-        if token is not None:
-            user = db.get_session().query(db.User).filter_by(token=token).first()
-            if user is None:
-                raise werkzeug.exceptions.Forbidden("Wrong token.")
-
-    else:
-        if 'uid' in session:
-            user = db.get_session().query(db.User).filter_by(id=session['uid']).first()
+    token = request.args.get('token')
+    if token is not None:
+        user = db.get_session().query(db.User).filter_by(token=token).first()
+        if user is None:
+            raise werkzeug.exceptions.Forbidden("Wrong token.")
+    if 'uid' in session:
+        user = db.get_session().query(db.User).filter_by(id=session['uid']).first()
    path = request.path
    if path.startswith('/org/'):
        if not user or not user.org: