Commit 63bca7c9 authored by echel0n's avatar echel0n
Browse files

Merge branch 'release/9.3.74'

parents 3a0df8a6 0a5590f8
# Changelog
- * e9c1a16 - 2018-09-08: Release v9.3.73
- * b48a658 - 2018-09-09: Release v9.3.74
- * fd54d1e - 2018-09-08: Pre-Release v9.3.74.dev1
- * d4b634c - 2018-09-08: Release v9.3.73
- * 0f56bf7 - 2018-09-08: Release v9.3.72
- * 5c3c795 - 2018-09-08: Pre-Release v9.3.72.dev1
- * 3b8de1e - 2018-09-08: Release v9.3.71
......
......@@ -75,6 +75,8 @@ class API(object):
except InvalidGrantError as e:
self.token = ''
return self.token
@staticmethod
def throttle_hook(response, **kwargs):
ratelimited = "X-RateLimit-Remaining" in response.headers
......
......@@ -287,9 +287,16 @@ class LoginHandler(BaseHandler):
API().token = sickrage.app.oidc_client.logout(API().token['refresh_token'])
return self.redirect('/logout')
else:
app_ids = sickrage.app.oidc_client.userinfo(token['access_token']).get('appid', [])
if sickrage.app.config.app_id not in app_ids:
return self.redirect('/logout')
api_token_decoded = sickrage.app.oidc_client.decode_token(API().refresh_token()['access_token'],
sickrage.app.oidc_client.certs())
userinfo = sickrage.app.oidc_client.userinfo(token['access_token'])
if userinfo.get('sub') == api_token_decoded['sub']:
API().register_appid(sickrage.app.config.app_id)
else:
app_ids = userinfo.get('appid', [])
if sickrage.app.config.app_id not in app_ids:
return self.redirect('/logout')
except Exception as e:
return self.redirect('/logout')
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment