Simplify the auth code format a little: the 'me' value can be computed from the user ID and so is redundant

2017-11-03 16:14:30 +11:00 · 2017-11-03 16:14:30 +11:00 · ab810a8f94
commit ab810a8f94
parent 43a56e865e
2 changed files with 18 additions and 15 deletions
--- a/lemonauth/tokens.py
+++ b/lemonauth/tokens.py
@ -13,25 +13,18 @@ def decode(token):


 def gen_auth_code(req):
-    post = req.POST
-    params = {'me': post['me']}
-    if 'state' in post:
-        params['state'] = post['state']
-
    code = {
-        'me': post['me'],
        'uid': req.user.id,
-        'cid': post['client_id'],
-        'uri': post['redirect_uri'],
-        'typ': post.get('response_type', 'id'),
+        'cid': req.POST['client_id'],
+        'uri': req.POST['redirect_uri'],
+        'typ': req.POST.get('response_type', 'id'),
        'iat': datetime.utcnow(),
        'exp': datetime.utcnow() + timedelta(seconds=30),
    }
-    if 'scope' in post:
-        code['sco'] = ' '.join(post.getlist('scope'))
+    if 'scope' in req.POST:
+        code['sco'] = ' '.join(req.POST.getlist('scope'))

-    params['code'] = encode(code)
-    return (post['redirect_uri'], params)
+    return encode(code)


 def verify_auth_code(c):