theLaborInVain / kdm-manager-api

The API used by https://kdm-manager.com and related Kingdom Death: Monster utilities.
Other
3 stars 0 forks source link

Login failure on end-users without 'subscriber' attribute #83

Closed toconnell closed 2 months ago

toconnell commented 6 months ago

User OID: 666 Method: POST URL: http://api.kdm-manager.com/login JSON: {'username': 'xxx', 'password': 'zzz'}

Traceback (most recent call last):
File "/home/toconnell/kdm-manager-api/venv/lib/python3.8/site-packages/flask/app.py", line 1950, in full_dispatch_request
 rv = self.dispatch_request()
File "/home/toconnell/kdm-manager-api/venv/lib/python3.8/site-packages/flask/app.py", line 1936, in dispatch_request
 return self.view_functions[rule.endpoint](**req.view_args)
File "/home/toconnell/kdm-manager-api/app/utils/crossdomain.py", line 57, in wrapped_function
 resp = flask.make_response(func(*args, **kwargs))
File "/home/toconnell/kdm-manager-api/app/routes.py", line 332, in get_token
 user_object = users.authenticate(
File "/home/toconnell/kdm-manager-api/app/models/users/__init__.py", line 88, in authenticate
 user_object = User(_id=user["_id"])
File "/home/toconnell/kdm-manager-api/app/models/users/_user.py", line 90, in __init__
 self._normalize()
File "/home/toconnell/kdm-manager-api/app/models/users/_user.py", line 125, in _normalize
 if isinstance(self.user['subscriber']['level'], str):
KeyError: 'subscriber'
toconnell commented 2 months ago

This is still an issue in 1.126.1300. I just got one on 09/18

User OID: 666 Method: POST URL: http://api.kdm-manager.com/login JSON: {'username': '[xxx@gmail.com]', 'password': 'yyy'}

Traceback (most recent call last):
File "/home/toconnell/kdm-manager-api/venv/lib/python3.8/site-packages/flask/app.py", line 1950, in full_dispatch_request
 rv = self.dispatch_request()
File "/home/toconnell/kdm-manager-api/venv/lib/python3.8/site-packages/flask/app.py", line 1936, in dispatch_request
 return self.view_functions[rule.endpoint](**req.view_args)
File "/home/toconnell/kdm-manager-api/app/utils/crossdomain.py", line 57, in wrapped_function
 resp = flask.make_response(func(*args, **kwargs))
File "/home/toconnell/kdm-manager-api/app/routes.py", line 332, in get_token
 user_object = users.authenticate(
File "/home/toconnell/kdm-manager-api/app/models/users/__init__.py", line 88, in authenticate
 user_object = User(_id=user["_id"])
File "/home/toconnell/kdm-manager-api/app/models/users/_user.py", line 92, in __init__
 self._normalize()
File "/home/toconnell/kdm-manager-api/app/models/users/_user.py", line 127, in _normalize
 if isinstance(self.user['subscriber']['level'], str):
KeyError: 'subscriber'
toconnell commented 2 months ago

This actually breaks the whole user init, so the user cannot be cloned:

[2024-08-20 13:42:40] ERROR:    'subscriber'
Traceback (most recent call last):
  File "/home/toconnell/kdm-manager-api/venv/lib/python3.8/site-packages/flask/app.py", line 1950, in full_dispatch_request
    rv = self.dispatch_request()
  File "/home/toconnell/kdm-manager-api/venv/lib/python3.8/site-packages/flask/app.py", line 1936, in dispatch_request
    return self.view_functions[rule.endpoint](**req.view_args)
  File "/home/toconnell/kdm-manager-api/venv/lib/python3.8/site-packages/flask_httpauth.py", line 104, in decorated
    return f(*args, **kwargs)
  File "/home/toconnell/kdm-manager-api/app/routes.py", line 188, in admin_get_user
    user_object = models.get_user_asset('user', user_record['_id'])
  File "/home/toconnell/kdm-manager-api/app/models/__init__.py", line 108, in get_user_asset
    return users.User(_id=asset_id)
  File "/home/toconnell/kdm-manager-api/app/models/users/_user.py", line 92, in __init__
    self._normalize()
  File "/home/toconnell/kdm-manager-api/app/models/users/_user.py", line 127, in _normalize
    if isinstance(self.user['subscriber']['level'], str):
KeyError: 'subscriber'
toconnell commented 2 months ago

This is fixed by data model application on init. Should address this forever.