AIRAVATA-3682 Fix token based auth
diff --git a/django_airavata/apps/api/authentication.py b/django_airavata/apps/api/authentication.py
index 226b5e5..2cf95e4 100644
--- a/django_airavata/apps/api/authentication.py
+++ b/django_airavata/apps/api/authentication.py
@@ -3,6 +3,7 @@
from django.contrib.auth import authenticate
from rest_framework import authentication, exceptions
+from django_airavata.apps.auth import utils
from django_airavata.apps.auth.middleware import set_admin_group_attributes
logger = logging.getLogger(__name__)
@@ -21,6 +22,8 @@
logger.debug(f"OAuthAuthentication authenticated user {user}")
# Set request attributes that are normally set by middleware
+ request.authz_token = utils.get_authz_token(request, user=user, access_token=token)
+ request.user = user
set_admin_group_attributes(request)
return (user, token)
except Exception as e:
diff --git a/django_airavata/apps/auth/middleware.py b/django_airavata/apps/auth/middleware.py
index 46a0d08..5356932 100644
--- a/django_airavata/apps/auth/middleware.py
+++ b/django_airavata/apps/auth/middleware.py
@@ -35,6 +35,7 @@
"""Set is_gateway_admin and is_read_only_gateway_admin request attrs."""
if gateway_groups is None:
gateway_groups = request.airavata_client.getGatewayGroups(request.authz_token)
+ gateway_groups = copy.deepcopy(gateway_groups.__dict__)
admins_group_id = gateway_groups['adminsGroupId']
read_only_admins_group_id = gateway_groups['readOnlyAdminsGroupId']
group_manager_client = request.profile_service['group_manager']
@@ -66,7 +67,7 @@
request.authz_token)
gateway_groups_dict = copy.deepcopy(gateway_groups.__dict__)
request.session['GATEWAY_GROUPS'] = gateway_groups_dict
- set_admin_group_attributes(request, request.session.get("GATEWAY_GROUPS"))
+ set_admin_group_attributes(request, gateway_groups=request.session.get("GATEWAY_GROUPS"))
# Gateway Admins are made 'superuser' in Django so they can edit
# pages in the CMS
if request.is_gateway_admin and (