in src/asfquart/generics.py [0:0]
def enforce_login(app, redirect_uri=DEFAULT_OAUTH_URI):
"""Enforces redirect to the auth provider (if enabled) when a client tries to access a restricted page
without being logged in. Only redirects if there is no active user session. On success, the client
is redirected back to the origin page that was restricted. If it is still restricted, the client
will instead see an error message."""
import asfquart.auth
@app.errorhandler(asfquart.auth.AuthenticationFailed)
async def auth_redirect(error):
# If we have no client session (and X-No-Redirect is not set), redirect to auth flow
if (
"x-no-redirect" not in quart.request.headers
and not quart.request.authorization
and not await asfquart.session.read()
):
return quart.redirect(f"{redirect_uri}?login={quart.request.full_path}")
# If we have a session, but still no access, just say so in plain text.
return quart.Response(status=error.errorcode, response=error.message)