henine
/
wubloader
mirror of https://github.com/ekimekim/wubloader
1
0
Fork 0
Code Issues Releases Wiki Activity

thrimshim: Fix auth query again, hopefully properly this time

Browse Source
pull/418/head
Mike Lang 4 weeks ago
parent 48c91b7828
commit f4dc0ea7f1
1 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File

8
thrimshim/thrimshim/main.py
Unescape Escape View File

@ -66,12 +66,12 @@ def check_user(request, role):
# check whether user is in the database # check whether user is in the database
email = idinfo['email'].lower() email = idinfo['email'].lower()
conn = app.db_manager.get_conn() conn = app.db_manager.get_conn()
query = """ query = sql.SQL("""
SELECT 1 SELECT 1
FROM roles FROM roles
WHERE lower(email) = %(email)s AND %(role)s WHERE lower(email) = %(email)s AND {}
""" """).format(sql.Identifier(role))
results = database.query(conn, query, email=email, role=role) results = database.query(conn, query, email=email)
row = results.fetchone() row = results.fetchone()
if row is None: if row is None:
return 'Unknown user. Access denied.', 403 return 'Unknown user. Access denied.', 403

Write Preview
Loading…
Cancel
Save