From c47578f158f935926727a59c5b849a565e81c2a1 Mon Sep 17 00:00:00 2001
From: Kevin Morris <kevr@0cost.org>
Date: Thu, 9 Dec 2021 23:01:45 -0800
Subject: [PATCH] fix(auth): refresh the user record on successful auth

This will ensure the state of `request.user` is good to go
for any other users which obtain it after the backend.

Signed-off-by: Kevin Morris <kevr@0cost.org>
---
 aurweb/auth/__init__.py | 1 +
 1 file changed, 1 insertion(+)

diff --git a/aurweb/auth/__init__.py b/aurweb/auth/__init__.py
index 5f55e2fb..b683b1df 100644
--- a/aurweb/auth/__init__.py
+++ b/aurweb/auth/__init__.py
@@ -122,6 +122,7 @@ class BasicAuthBackend(AuthenticationBackend):
         # exists, due to ForeignKey constraints in the schema upheld
         # by mysqlclient.
         user = db.query(User).filter(User.ID == record.UsersID).first()
+        db.refresh(user)
         user.nonce = util.make_nonce()
         user.authenticated = True