Skip to content

Commit

Permalink
tokens: fix expiration message flashing
Browse files Browse the repository at this point in the history
  • Loading branch information
@slint
slint committed Nov 13, 2023
1 parent 78d8904 commit ff4e77b
Showing 1 changed file with 17 additions and 6 deletions.
23 changes: 17 additions & 6 deletions site/zenodo_rdm/legacy/tokens.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -90,7 +90,7 @@ def __init__(self, expires_at=None, **kwargs):
current_app.config["SECRET_KEY"],
expires_in=int(dt.total_seconds()) if dt else None,
salt="accessrequests-timedlink",
**kwargs
**kwargs,
)


Expand Down Expand Up @@ -133,15 +133,26 @@ def load_token(cls, token, force=False):

def verify_legacy_secret_link(identity):
"""Verify the legacy secret linlk token."""
token_arg = "token"
session_arg = "_legacy_secret_link_token"
token = request.args.get(token_arg, session.get(session_arg, None))
token = None
token_source = None
arg_key = "token"
session_key = "_legacy_secret_link_token"
arg_token = request.args.get(arg_key, None)
session_token = session.get(session_key, None)
if arg_token:
token = arg_token
token_source = "arg"
elif session_token:
token = session_token
token_source = "session"

if token:
try:
data = SecretLinkFactory.load_token(token)
if data:
identity.provides.add(LegacySecretLinkNeed(str(data["data"]["recid"])))
session[session_arg] = token
session[session_key] = token
except SignatureExpired:
flash(_("Your shared link has expired."))
if token_source == "arg":
flash(_("Your shared link has expired."))
session.pop(session_key, None)

0 comments on commit ff4e77b

Please sign in to comment.