codecov[bot]
commented
3 years ago Codecov Report
Merging #101 (0ec19ff) into develop (5678822) will increase coverage by
0.09%. The diff coverage is100.00%.
@@ Coverage Diff @@
## develop #101 +/- ##
===========================================
+ Coverage 89.39% 89.48% +0.09%
===========================================
Files 46 46
Lines 1273 1284 +11
Branches 101 104 +3
===========================================
+ Hits 1138 1149 +11
Misses 122 122
Partials 13 13 | Impacted Files | Coverage Δ | |
|---|---|---|
| servicex/decorators.py | 100.00% <100.00%> (ø) |
Continue to review full report at Codecov.
Legend - Click here to learn more
Δ = absolute <relative> (impact),ø = not affected,? = missing dataPowered by Codecov. Last update 5678822...0ec19ff. Read the comment docs.
Currently, one cannot access protected API endpoints from the web frontend, even after signing in with OAuth. An easy test for this is to sign in and then attempt to access the
/servicex/transformationroute (which would normally return all transformation requests in the database as a JSON list).This is because the current implementation of the
auth_requireddecorator checks for a JWT access token in the bearer token HTTP header, but the web frontend uses session-based authentication, not token-based authentication.This PR addresses the issue by checking the
is_authenticatedflag in the currentsessionobject first, before looking for a bearer token in the request. This allows the web frontend to access protected endpoints, so we can now use AJAX to display API data on the website.