diff --git a/aurweb/cookies.py b/aurweb/cookies.py index 022cff1e..84c43f9b 100644 --- a/aurweb/cookies.py +++ b/aurweb/cookies.py @@ -1,6 +1,3 @@ -from aurweb import config - - def samesite() -> str: """Produce cookie SameSite value. @@ -9,24 +6,3 @@ def samesite() -> str: :returns "lax" """ return "lax" - - -def timeout(extended: bool) -> int: - """Produce a session timeout based on `remember_me`. - - This method returns one of AUR_CONFIG's options.persistent_cookie_timeout - and options.login_timeout based on the `extended` argument. - - The `extended` argument is typically the value of the AURREMEMBER - cookie, defaulted to False. - - If `extended` is False, options.login_timeout is returned. Otherwise, - if `extended` is True, options.persistent_cookie_timeout is returned. - - :param extended: Flag which generates an extended timeout when True - :returns: Cookie timeout based on configuration options - """ - timeout = config.getint("options", "login_timeout") - if bool(extended): - timeout = config.getint("options", "persistent_cookie_timeout") - return timeout diff --git a/aurweb/models/user.py b/aurweb/models/user.py index 9846d996..8612c259 100644 --- a/aurweb/models/user.py +++ b/aurweb/models/user.py @@ -95,7 +95,7 @@ class User(Base): def _login_approved(self, request: Request): return not is_banned(request) and not self.Suspended - def login(self, request: Request, password: str, session_time: int = 0) -> str: + def login(self, request: Request, password: str) -> str: """Login and authenticate a request.""" from aurweb import db diff --git a/aurweb/routers/auth.py b/aurweb/routers/auth.py index 46dee3a4..88eaa0e6 100644 --- a/aurweb/routers/auth.py +++ b/aurweb/routers/auth.py @@ -29,8 +29,8 @@ async def login_get(request: Request, next: str = "/"): @db.retry_deadlock -def _retry_login(request: Request, user: User, passwd: str, cookie_timeout: int) -> str: - return user.login(request, passwd, cookie_timeout) +def _retry_login(request: Request, user: User, passwd: str) -> str: + return user.login(request, passwd) @router.post("/login", response_class=HTMLResponse) @@ -76,7 +76,7 @@ async def login_post( cookie_timeout = aurweb.config.getint("options", "persistent_cookie_timeout") perma_timeout = aurweb.config.getint("options", "permanent_cookie_timeout") - sid = _retry_login(request, user, passwd, cookie_timeout) + sid = _retry_login(request, user, passwd) if not sid: return await login_template(request, next, errors=["Bad username or password."]) diff --git a/aurweb/users/update.py b/aurweb/users/update.py index ace9dace..759088cd 100644 --- a/aurweb/users/update.py +++ b/aurweb/users/update.py @@ -2,7 +2,7 @@ from typing import Any from fastapi import Request -from aurweb import cookies, db, models, time, util +from aurweb import db, models, time, util from aurweb.models import SSHPubKey from aurweb.models.ssh_pub_key import get_fingerprint from aurweb.util import strtobool @@ -131,11 +131,9 @@ def password( user.update_password(P) if user == request.user: - remember_me = request.cookies.get("AURREMEMBER") == "True" - # If the target user is the request user, login with # the updated password to update the Session record. - user.login(request, P, cookies.timeout(remember_me)) + user.login(request, P) @db.retry_deadlock