Centralizes Admin Authentication

Sets admin authentication on authenticator to allow the addition and removal of admins without creating a new token. Signed-off-by: Hassan Abouelela <[email protected]>
author: Hassan Abouelela <[email protected]> 2021-02-20 03:45:16 +0300
committer: Hassan Abouelela <[email protected]> 2021-02-20 03:45:16 +0300
commit: 3c4f7e71cb1ecdfd8d255b02cf44adcd90f32f01 (patch)
tree: c62f8fa061f2d99f4463b874011634139447b740 /backend/authentication/backend.py
parent: Adds Expiry To Authorization Routes (diff)
1 files changed, 2 insertions, 7 deletions
diff --git a/backend/authentication/backend.py b/backend/authentication/backend.py
index abe7313..bdff796 100644
--- a/backend/authentication/backend.py
+++ b/backend/authentication/backend.py
@@ -60,13 +60,8 @@ class JWTAuthenticationBackend(authentication.AuthenticationBackend):
         except Exception:
             raise authentication.AuthenticationError("Could not parse user details.")
 
-        admin = await request.state.db.admins.find_one(
-            {"_id": user_details["id"]}
-        ) is not None
-
-        if admin:
-            scopes.append("admin")
-
         user = User(token, user_details)
+        if user.fetch_admin_status(request):
+            scopes.append("admin")
 
         return authentication.AuthCredentials(scopes), user
author	Hassan Abouelela <[email protected]>	2021-02-20 03:45:16 +0300
committer	Hassan Abouelela <[email protected]>	2021-02-20 03:45:16 +0300
commit	3c4f7e71cb1ecdfd8d255b02cf44adcd90f32f01 (patch)
tree	c62f8fa061f2d99f4463b874011634139447b740 /backend/authentication/backend.py
parent	Adds Expiry To Authorization Routes (diff)