|
|
|
@ -25,7 +25,12 @@ def handoff(): |
|
|
|
if not is_valid_signature(email=email, ts=ts, portal_user_id=portal_user_id, sig=sig): |
|
|
|
if not is_valid_signature(email=email, ts=ts, portal_user_id=portal_user_id, sig=sig): |
|
|
|
return render_template("auth/handoff_error.html", message="Invalid handoff signature."), 403 |
|
|
|
return render_template("auth/handoff_error.html", message="Invalid handoff signature."), 403 |
|
|
|
|
|
|
|
|
|
|
|
identity = ensure_user_tenant_and_devices(email=email, portal_user_id=int(portal_user_id)) |
|
|
|
try: |
|
|
|
|
|
|
|
portal_user_id_int = int(portal_user_id) |
|
|
|
|
|
|
|
except (TypeError, ValueError): |
|
|
|
|
|
|
|
return render_template("auth/handoff_error.html", message="Invalid portal account identifier."), 400 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
identity = ensure_user_tenant_and_devices(email=email, portal_user_id=portal_user_id_int) |
|
|
|
|
|
|
|
|
|
|
|
session.clear() |
|
|
|
session.clear() |
|
|
|
session["otb_user_id"] = identity["user_id"] |
|
|
|
session["otb_user_id"] = identity["user_id"] |
|
|
|
|
