diff --git a/backend/app/sane_url.py b/backend/app/sane_url.py
index e48931064d311c1207466773115fbae2d9cb23be..8928f9ef8c0f4dac0c1f56d6df881eb5eb75dcca 100644
--- a/backend/app/sane_url.py
+++ b/backend/app/sane_url.py
@@ -12,6 +12,7 @@ from pydantic import BaseModel
 from .config import SXPLR_EBRAINS_IAM_SA_CLIENT_ID, SXPLR_EBRAINS_IAM_SA_CLIENT_SECRET, SXPLR_BUCKET_NAME, HOST_PATHNAME
 from .const import EBRAINS_IAM_DISCOVERY_URL
 from ._store import DataproxyStore
+from .user import get_user
 router = APIRouter()
@@ -76,9 +77,10 @@ class SaneUrlDPStore(DataproxyStore):
 return super()._get_bucket()
 def _prepare_aux(self, request: Optional[Request]=None):
+ user = get_user(request) if request else None
 return {
- "userId": None,
- "expiry": SaneUrlDPStore.GetTimeMs() + (self.expiry_s * 1e3)
+ "userId": user.get("id") if user else None,
+ "expiry": None if user else SaneUrlDPStore.GetTimeMs() + (self.expiry_s * 1e3)
 }
 def get(self, key: str):
diff --git a/backend/app/user.py b/backend/app/user.py
index dc5789038610f0de3f190143a06673f8f4f1b605..d01801994c116de828dcf6c1d34f8a5717de45a8 100644
--- a/backend/app/user.py
+++ b/backend/app/user.py
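Review bot: In `_prepare_aux`, the new `"expiry"` value is decided by `user` while `"userId"` is taken from `user.get("id")`, so a session profile that lacks an `id` field yields a record with `userId` of None and no expiry timestamp, i.e. a long-lived entry with no owner. Deriving both from the same value closes that gap: `user_id = user.get("id") if user else None` and then `"expiry": None if user_id else SaneUrlDPStore.GetTimeMs() + (self.expiry_s * 1e3)`. A short comment such as `# expiry None = no expiry; only for entries tied to an authenticated user id` would document the line that decides link lifetime. The rest of `SaneUrlDPStore` is outside the hunk, so how a None `expiry` is treated on read cannot be checked from here and is worth confirming.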
@@ -9,35 +9,32 @@ import json
 from .const import PROFILE_KEY
 from .auth import _store
-def is_authenticated(fn):
-
- class NotAuthenticatedEx(Exception): ...
+class NotAuthenticatedEx(Exception): ...
- def check_auth(request: Request):
- if PROFILE_KEY not in request.session:
- raise NotAuthenticatedEx
-
- profile_uuid = request.session[PROFILE_KEY]
- user = _store.get(profile_uuid)
- if not user:
- raise NotAuthenticatedEx
-
- request.state.user = json.loads(user)
+def get_user(request: Request):
+ if PROFILE_KEY not in request.session:
+ return None
+
+ profile_uuid = request.session[PROFILE_KEY]
+ user = _store.get(profile_uuid)
+
+ return json.loads(user) if user else None
+def is_authenticated(fn):
 @wraps(fn)
 async def async_wrapper(*args, request: Request, **kwargs):
- try:
- check_auth(request)
- except NotAuthenticatedEx:
+ user = get_user(request)
+ if not user:
 return Response("Not authenticated", 401)
+ request.state.user = user
 return await fn(*args, request=request, **kwargs)
 @wraps(fn)
 def sync_wrapper(*args, request: Request, **kwargs):
- try:
- check_auth(request)
- except NotAuthenticatedEx:
+ user = get_user(request)
+ if not user:
 return Response("Not authenticated", 401)
+ request.state.user = user
 return fn(*args, request=request, **kwargs)
 return async_wrapper if iscoroutine(fn) else sync_wrapper
diff --git a/docs/releases/v2.13.5.md b/docs/releases/v2.13.5.md
new file mode 100644
index 0000000000000000000000000000000000000000..99554e57121c0a0908ecaf0775f81e308af09d75
--- /dev/null
+++ b/docs/releases/v2.13.5.md
@@ -0,0 +1,5 @@
+# v2.13.5
+
+## Bugfix
+
+- Fix saneurl generation. Logged in user can generate long lived saneurls again
diff --git a/mkdocs.yml b/mkdocs.yml
index dd014bb59f47efbe81010951fd0be4d184404be6..4e782a75f743f652947a8e4899fd4243710ce17e 100644
--- a/mkdocs.yml
+++ b/mkdocs.yml
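Review bot: `get_user` returns whatever `json.loads(user)` produces, and that result now drives both the 401 decision in `is_authenticated` and the expiry choice in `sane_url.py`, but nothing checks that the stored value decodes to a profile object. A corrupt store entry would raise `json.JSONDecodeError` out of the helper (presumably surfacing as a 500 rather than a 401), and a non-object JSON value would reach callers that call `.get` on it. Consider `profile = json.loads(user) if user else None` followed by `return profile if isinstance(profile, dict) else None`, with the decode error mapped to None as well. `NotAuthenticatedEx` is now module-level but nothing on the new side raises or catches it, so it can be removed unless another module imports it. A one-line docstring on `get_user` stating that it returns the stored profile dict or None for an anonymous session would make the contract explicit.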
@@ -33,6 +33,7 @@ nav:
 - Fetching datasets: 'advanced/datasets.md'
 - Display non-atlas volumes: 'advanced/otherVolumes.md'
 - Release notes:
+ - v2.13.5: 'releases/v2.13.5.md'
 - v2.13.4: 'releases/v2.13.4.md'
 - v2.13.3: 'releases/v2.13.3.md'
 - v2.13.2: 'releases/v2.13.2.md'
diff --git a/package.json b/package.json
index 1bbda561272633686c7c388c68220cff4f83c4ed..a8d4d91d281340a14821537ae29b3cf76def7d3f 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
 "name": "siibra-explorer",
- "version": "2.13.4",
+ "version": "2.13.5",
 "description": "siibra-explorer - explore brain atlases. Based on humanbrainproject/nehuba & google/neuroglancer. Built with angular",
 "scripts": {
 "lint": "eslint src --ext .ts",