Update protected route code

silentworks · Nov 15, 2023 · 34ee641 · 34ee641
1 parent 6ffa6b5
commit 34ee641
Show file tree

Hide file tree

Showing 13 changed files with 25 additions and 28 deletions.
diff --git a/app/__init__.py b/app/__init__.py
@@ -3,7 +3,7 @@
 from flask_misaka import Misaka
 from app.supabase import (
     supabase,
-    session_context_processor,
+    user_context_processor,
     get_profile_by_slug,
     get_profile_by_user,
     get_all_notes_by_user_id,
@@ -22,7 +22,7 @@
 
 # Set the secret key to some random bytes. Keep this really secret!
 app.secret_key = b"c8af64a6a0672678800db3c5a3a8d179f386e083f559518f2528202a4b7de8f8"
-app.context_processor(session_context_processor)
+app.context_processor(user_context_processor)
 app.register_blueprint(auth)
 app.register_blueprint(account)
 app.register_blueprint(notes)

diff --git a/app/account.py b/app/account.py
@@ -5,11 +5,11 @@
 from supafunc.errors import FunctionsRelayError, FunctionsHttpError
 
 from app.forms import UpdateEmailForm, UpdateForm, UpdatePasswordForm
-from app.supabase import get_profile_by_user, session_context_processor, supabase
+from app.supabase import get_profile_by_user, user_context_processor, supabase
 from app.decorators import login_required, password_update_required, profile_required
 
 account = Blueprint("account", __name__, url_prefix="/account")
-account.context_processor(session_context_processor)
+account.context_processor(user_context_processor)
 
 
 @account.route("/")

diff --git a/app/decorators.py b/app/decorators.py
@@ -2,24 +2,24 @@
 from typing import Union
 from flask import redirect, session, url_for, request
 from gotrue.errors import AuthApiError, AuthRetryableError
-from gotrue.types import Session, User
+from gotrue.types import User
 from app.supabase import get_profile_by_user, supabase
 
 
 def login_required(f):
     @wraps(f)
     def decorated(*args, **kwargs):
-        sess: Union[Session, None] = None
+        user: Union[User, None] = None
         try:
-            sess = supabase.auth.get_session()
+            user = supabase.auth.get_user()
         except AuthApiError as exception:
             err = exception.to_dict()
             if err.get("message") == "Invalid Refresh Token: Already Used":
-                sess = None
+                user = None
         except AuthRetryableError:
             return redirect(url_for("service_unavailable"))
 
-        if sess is None:
+        if user is None:
             return redirect(url_for("auth.signin", next=request.endpoint))
 
         return f(*args, **kwargs)

diff --git a/app/supabase.py b/app/supabase.py
@@ -25,12 +25,12 @@ def get_supabase() -> Client:
 supabase: Client = LocalProxy(get_supabase)
 
 
-def session_context_processor():
+def user_context_processor():
     try:
-        sess = supabase.auth.get_session()
-        return dict(session=sess, app_name=app_name)
+        user = supabase.auth.get_user()
+        return dict(user=user, app_name=app_name)
     except (AuthApiError, AuthRetryableError):
-        return dict(session=None, app_name=app_name)
+        return dict(user=None, app_name=app_name)
 
 
 def get_profile(user_or_slug: Union[User, str]):
@@ -58,8 +58,7 @@ def get_profile(user_or_slug: Union[User, str]):
 
 
 def get_profile_by_user():
-    sess = supabase.auth.get_session()
-    user = sess.user
+    user = supabase.auth.get_user()
     return get_profile(user)
 
 
@@ -91,8 +90,7 @@ def get_notes(user_or_user_id: Union[User, str], public_only: bool = False):
 
 
 def get_notes_by_user():
-    sess = supabase.auth.get_session()
-    user = sess.user
+    user = supabase.auth.get_user()
     return get_notes(user)
 
 
@@ -137,8 +135,7 @@ def get_note(user_or_slug: Union[User, str], id: str):
 
 
 def get_note_by_user_and_id(id: str):
-    sess = supabase.auth.get_session()
-    user = sess.user
+    user = supabase.auth.get_user()
     return get_note(user, id)
 
 

diff --git a/templates/account/index.html b/templates/account/index.html
@@ -9,7 +9,7 @@
     {{ h.alert('mb-10') }}
     <h2 class="font-semibold text-4xl mb-4">Account</h2>
     <p class="font-medium mb-10">
-        Hi {{ profile.display_name or session.user.email }}, you can update your email or password from here
+        Hi {{ profile.display_name or user.email }}, you can update your email or password from here
     </p>
 
     <ul class="divide-y-2 divide-gray-200">

diff --git a/templates/account/update-email.html b/templates/account/update-email.html
@@ -11,7 +11,7 @@
 	{{ h.alert('mb-10') }}
 	<h2 class="font-semibold text-4xl mb-4">Update Email</h2>
 	<p class="font-medium mb-4">
-		Hi {{ profile.display_name or session.user.email }}, Enter your new email below and confirm it
+		Hi {{ profile.display_name or user.email }}, Enter your new email below and confirm it
 	</p>
 	<form action="{{ url_for('account.update_email') }}" method="post">
 		{{ form.csrf_token }}

diff --git a/templates/account/update-password.html b/templates/account/update-password.html
@@ -11,7 +11,7 @@
 	{{ h.alert('mb-10') }}
 	<h2 class="font-semibold text-4xl mb-4">Update Password</h2>
 	<p class="font-medium mb-4">
-		Hi {{ profile.display_name or session.user.email }}, Enter your new password below and confirm it
+		Hi {{ profile.display_name or user.email }}, Enter your new password below and confirm it
 	</p>
 	<form action="{{ url_for('account.update_password') }}" method="post">
 		{{ form.csrf_token }}

diff --git a/templates/account/update.html b/templates/account/update.html
@@ -11,7 +11,7 @@
 	{{ h.alert('mb-10') }}
 	<h2 class="font-semibold text-4xl mb-4">{{ 'Update Profile' if profile.display_name else 'Please complete your profile' }}</h2>
 	<p class="font-medium mb-4">
-		Hi {{ profile.display_name or session.user.email }}, Enter your new email below and confirm it
+		Hi {{ profile.display_name or user.email }}, Enter your new email below and confirm it
 	</p>
 	<form action="{{ url_for('account.update') }}" method="post">
 		{{ form.csrf_token }}

diff --git a/templates/dashboard.html b/templates/dashboard.html
@@ -6,7 +6,7 @@
 {% block content %}
   <div class="card w-4/12 bg-base-100 shadow-xl">
     <div class="card-body">
-      <h2 class="card-title">Welcome {{ profile.display_name or session.user.email }}</h2>
+      <h2 class="card-title">Welcome {{ profile.display_name or user.email }}</h2>
       {% if profile.display_name %}
         <p>
           Name: {{ profile.first_name }}

diff --git a/templates/layout.html b/templates/layout.html
@@ -20,7 +20,7 @@ <h1 class="font-semibold">
           {% for id, caption in navigation_bar %}
             <a class="btn btn-ghost no-animation {{ 'btn-active' if active_page == id else ''}}" href="{{ url_for(id) }}">{{ caption }}</a>
           {% endfor %}
-          <form action="{{ url_for('auth.signout') }}" method="post" use:enhance>
+          <form action="{{ url_for('auth.signout') }}" method="post">
             <button class="btn btn-outline btn-error no-animation">Sign out</button>
           </form>
         </div>

diff --git a/templates/notes/edit.html b/templates/notes/edit.html
@@ -11,7 +11,7 @@
         <div class="flex-auto">
             <h2 class="font-semibold text-4xl mb-4">Edit Note</h2>
             <p class="font-medium mb-10">
-                Hi {{ profile.display_name or session.user.email }}, you can add, edit and delete notes from here
+                Hi {{ profile.display_name or user.email }}, you can add, edit and delete notes from here
             </p>
         </div>
     </div>

diff --git a/templates/notes/index.html b/templates/notes/index.html
@@ -11,7 +11,7 @@
         <div class="flex-auto">
             <h2 class="font-semibold text-4xl mb-4">Notes</h2>
             <p class="font-medium mb-10">
-                Hi {{ profile.display_name or session.user.email }}, you can add, edit and delete notes from here
+                Hi {{ profile.display_name or user.email }}, you can add, edit and delete notes from here
             </p>
         </div>
         <div class="flex-none">

diff --git a/templates/notes/new.html b/templates/notes/new.html
@@ -11,7 +11,7 @@
         <div class="flex-auto">
             <h2 class="font-semibold text-4xl mb-4">New Note</h2>
             <p class="font-medium mb-10">
-                Hi {{ profile.display_name or session.user.email }}, you can add, edit and delete notes from here
+                Hi {{ profile.display_name or user.email }}, you can add, edit and delete notes from here
             </p>
         </div>
     </div>