Alow mediafile access of anonymous user

OpenSlides · May 21, 2024 · 5cdf548 · 5cdf548
1 parent d3df886
commit 5cdf548
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 5 deletions.
diff --git a/src/auth.py b/src/auth.py
@@ -2,7 +2,6 @@
 
 import requests
 from authlib import (
-    ANONYMOUS_USER,
     AUTHENTICATION_HEADER,
     COOKIE_NAME,
     AuthenticateException,
@@ -15,15 +14,15 @@
 from .exceptions import ServerError
 
 
-def check_login():
+def check_login_valid():
     """Returns whether the user is logged in or not."""
     auth_handler = AuthHandler(app.logger.debug)
     cookie = request.cookies.get(COOKIE_NAME, "")
     try:
         user_id = auth_handler.authenticate_only_refresh_id(parse.unquote(cookie))
     except (AuthenticateException, InvalidCredentialsException):
         return False
-    return user_id != ANONYMOUS_USER
+    return True
 
 
 def check_file_id(file_id, presenter_headers):

diff --git a/src/mediaserver.py b/src/mediaserver.py
@@ -6,7 +6,7 @@
 
 from flask import Flask, Response, jsonify, redirect, request
 
-from .auth import AUTHENTICATION_HEADER, check_file_id, check_login
+from .auth import AUTHENTICATION_HEADER, check_file_id, check_login_valid
 from .config_handling import init_config, is_dev_mode
 from .database import Database
 from .exceptions import BadRequestError, HttpError, NotFoundError
@@ -35,7 +35,7 @@ def handle_view_error(error):
 
 @app.route("/system/media/get/<int:file_id>")
 def serve(file_id):
-    if not check_login():
+    if not check_login_valid():
         return redirect("/")
 
     # get file id