Refactor accountportal to use mozsvc.user

VERIFIED FIXED

Status

Cloud Services
Server: Account Portal
VERIFIED FIXED
7 years ago
6 years ago

People

(Reporter: rfkelly, Unassigned)

Tracking

Firefox Tracking Flags

(Not tracked)

Details

Attachments

(1 attachment)

(Reporter)

Description

7 years ago
Created attachment 580288 [details] [diff] [review]
patch refactoring accountportal to use mozsvc.user

This uses the new mozsvc.user module to simplify the auth-management code in account portal.  The automatically-loaded auth backend is available at request.registry["auth"], while the AuthenticationPolicy becomes a pretty simple wrapper around mozsvc.user.authenticate().
Attachment #580288 - Flags: review?(telliott)
(Reporter)

Updated

7 years ago
Summary: Refactor auth handling to use mozsvc.user → Refactor accountportal to use mozsvc.user
Comment on attachment 580288 [details] [diff] [review]
patch refactoring accountportal to use mozsvc.user

We probably want to put the CEF logging back for a bad username and password combo, but otherwise looks fine.

Note that authenticated_userid now returns the id rather than the username. Since I don't think we're using that anywhere, I don't think it's a problem, but should keep an eye on that.
Attachment #580288 - Flags: review?(telliott) → review+
(Reporter)

Comment 2

7 years ago
> We probably want to put the CEF logging back for a bad username and password combo

This is done inside mozsvc.user.authenticate().

> Note that authenticated_userid now returns the id rather than the username.

Hmmm, quite right.  Most of the pyramid auth plugins I've seen have returned the username from this method, so I think that's the right thing to do here.  Definitely something to keep an eye on.

Committed in http://hg.mozilla.org/services/account-portal/rev/bb631007e482
Status: NEW → RESOLVED
Last Resolved: 7 years ago
Resolution: --- → FIXED
Status: RESOLVED → VERIFIED
You need to log in before you can comment on or make changes to this bug.