Private method. Assumes request already verified. An issue of this being part of auth is that we may want the actual member object available in the session, and at least our current process is to close / not pass the session used in auth. That perhaps is a good area to change
(session)
| 4 | |
| 5 | |
| 6 | def get_member(session): |
| 7 | """ |
| 8 | Private method. Assumes request already verified. |
| 9 | |
| 10 | An issue of this being part of auth is that we may want the actual |
| 11 | member object available in the session, |
| 12 | and at least our current process is to close / not pass the |
| 13 | session used in auth. That perhaps is a good area to change |
| 14 | but either way core logic here is similar. |
| 15 | """ |
| 16 | member = None |
| 17 | |
| 18 | # Potential to be outside of request context |
| 19 | if not request: |
| 20 | return member |
| 21 | |
| 22 | user = User.get(session) |
| 23 | if user: |
| 24 | member = user.member |
| 25 | else: |
| 26 | if request.authorization: |
| 27 | client_id = request.authorization.get('username', None) |
| 28 | if client_id and client_id != 'None': |
| 29 | auth = Auth_api.get(session, client_id) |
| 30 | member = auth.member |
| 31 | |
| 32 | return member |
no test coverage detected