From 26894cd256e4c5e9cd7c62c3a56a12f704c25c49 Mon Sep 17 00:00:00 2001 From: Jiri Kalvoda Date: Mon, 26 Sep 2022 16:37:34 +0200 Subject: [PATCH] =?UTF-8?q?Strategick=C3=A1:=20P=C5=99ihla=C5=A1ov=C3=A1n?= =?UTF-8?q?=C3=AD=20tokenem=20kdekoliv?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Zejména z důvodu generování animace --- server/hra/web/__init__.py | 17 +++++++---------- 1 file changed, 7 insertions(+), 10 deletions(-) diff --git a/server/hra/web/__init__.py b/server/hra/web/__init__.py index 8ca13ee..1395a15 100644 --- a/server/hra/web/__init__.py +++ b/server/hra/web/__init__.py @@ -59,16 +59,13 @@ def init_request(): user = None g.user = None g.org = False - if path.startswith('/api/'): - token = request.args.get('token') - if token is not None: - user = db.get_session().query(db.User).filter_by(token=token).first() - if user is None: - raise werkzeug.exceptions.Forbidden("Wrong token.") - - else: - if 'uid' in session: - user = db.get_session().query(db.User).filter_by(id=session['uid']).first() + token = request.args.get('token') + if token is not None: + user = db.get_session().query(db.User).filter_by(token=token).first() + if user is None: + raise werkzeug.exceptions.Forbidden("Wrong token.") + if 'uid' in session: + user = db.get_session().query(db.User).filter_by(id=session['uid']).first() path = request.path if path.startswith('/org/'): if not user or not user.org: