refactor: remove session_time from user.login

The parameter is not used, we can remove it and adapt the callers. Signed-off-by: moson-mo <mo-son@mailbox.org>
2025-02-03 10:43:03 +01:00 · 2023-05-26 23:02:38 +02:00 · 2023-05-26 23:02:38 +02:00 · a7882c7533
commit a7882c7533
parent 22fe4a988a
4 changed files with 6 additions and 32 deletions
--- a/aurweb/cookies.py
+++ b/aurweb/cookies.py
@ -1,6 +1,3 @@
-from aurweb import config
-
-
 def samesite() -> str:
    """Produce cookie SameSite value.

@ -9,24 +6,3 @@ def samesite() -> str:
    :returns "lax"
    """
    return "lax"
-
-
-def timeout(extended: bool) -> int:
-    """Produce a session timeout based on `remember_me`.
-
-    This method returns one of AUR_CONFIG's options.persistent_cookie_timeout
-    and options.login_timeout based on the `extended` argument.
-
-    The `extended` argument is typically the value of the AURREMEMBER
-    cookie, defaulted to False.
-
-    If `extended` is False, options.login_timeout is returned. Otherwise,
-    if `extended` is True, options.persistent_cookie_timeout is returned.
-
-    :param extended: Flag which generates an extended timeout when True
-    :returns: Cookie timeout based on configuration options
-    """
-    timeout = config.getint("options", "login_timeout")
-    if bool(extended):
-        timeout = config.getint("options", "persistent_cookie_timeout")
-    return timeout
--- a/aurweb/models/user.py
+++ b/aurweb/models/user.py
@ -95,7 +95,7 @@ class User(Base):
    def _login_approved(self, request: Request):
        return not is_banned(request) and not self.Suspended

-    def login(self, request: Request, password: str, session_time: int = 0) -> str:
+    def login(self, request: Request, password: str) -> str:
        """Login and authenticate a request."""

        from aurweb import db
--- a/aurweb/routers/auth.py
+++ b/aurweb/routers/auth.py
@ -29,8 +29,8 @@ async def login_get(request: Request, next: str = "/"):


@db.retry_deadlock
-def _retry_login(request: Request, user: User, passwd: str, cookie_timeout: int) -> str:
-    return user.login(request, passwd, cookie_timeout)
+def _retry_login(request: Request, user: User, passwd: str) -> str:
+    return user.login(request, passwd)


@router.post("/login", response_class=HTMLResponse)
@ -76,7 +76,7 @@ async def login_post(
        cookie_timeout = aurweb.config.getint("options", "persistent_cookie_timeout")

    perma_timeout = aurweb.config.getint("options", "permanent_cookie_timeout")
-    sid = _retry_login(request, user, passwd, cookie_timeout)
+    sid = _retry_login(request, user, passwd)
    if not sid:
        return await login_template(request, next, errors=["Bad username or password."])

--- a/aurweb/users/update.py
+++ b/aurweb/users/update.py
@ -2,7 +2,7 @@ from typing import Any

 from fastapi import Request

-from aurweb import cookies, db, models, time, util
+from aurweb import db, models, time, util
 from aurweb.models import SSHPubKey
 from aurweb.models.ssh_pub_key import get_fingerprint
 from aurweb.util import strtobool
@ -131,11 +131,9 @@ def password(
            user.update_password(P)

        if user == request.user:
-            remember_me = request.cookies.get("AURREMEMBER") == "True"
-
            # If the target user is the request user, login with
            # the updated password to update the Session record.
-            user.login(request, P, cookies.timeout(remember_me))
+            user.login(request, P)


@db.retry_deadlock