hazza/jupyterhub
1
0
Fork 0
mirror of https://github.com/jupyterhub/jupyterhub.git synced 2025-10-14 21:43:01 +00:00
Code Issues Packages Projects Releases Wiki Activity

avoid raising HTTPError in get_current_user

Browse Source 
it can cause issues, e.g. with upcoming notebook releases .get_current_user may be called in set_default_headers,
which doesn't catch HTTPErrors.
This commit is contained in:
Min RK
2018-01-03 14:58:42 +01:00
parent f87f24d9e5
commit 9866a0fadc
1 changed files with 8 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
jupyterhub/services/auth.py
View File

@@ -778,7 +778,14 @@ class HubAuthenticated(object):
except UserNotAllowed as e: except UserNotAllowed as e:
# cache None, in case get_user is called again while processing the error # cache None, in case get_user is called again while processing the error
self._hub_auth_user_cache = None self._hub_auth_user_cache = None
raise HTTPError(403, "{kind} {name} is not allowed.".format(**e.model)) # Override redirect so if/when tornado @web.authenticated
# tries to redirect to login URL, 403 will be raised instead.
# This is not the best, but avoids problems that can be caused
# when get_current_user is allowed to raise.
def raise_on_redirect(*args, **kwargs):
raise HTTPError(403, "{kind} {name} is not allowed.".format(**user_model))
self.redirect = raise_on_redirect
return
except Exception: except Exception:
self._hub_auth_user_cache = None self._hub_auth_user_cache = None
raise raise