Skip to content

make jwt optional inside get_requesting_user without throwing a 500 error #1213

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 9 commits into
base: develop
Choose a base branch
from
Open

make jwt optional inside get_requesting_user without throwing a 500 error #1213

wants to merge 9 commits into from

Conversation

@MattShirley
Copy link
Collaborator

@MattShirley MattShirley commented Nov 17, 2025

Make JWT optional (as already defined in the decorator) inside get_requesting_user without throwing a 500 error.

@MattShirley MattShirley marked this pull request as ready for review November 17, 2025 19:38
@codecov
Copy link

codecov bot commented Nov 17, 2025
edited
Loading

Codecov Report

❌ Patch coverage is 96.00000% with 1 line in your changes missing coverage. Please review.
✅ Project coverage is 85.99%. Comparing base (c0246c7) to head (4c04d3d).

Files with missing lines Patch % Lines
...ex_app/servicex_app/resources/servicex_resource.py 83.33% 0 Missing and 1 partial ⚠️
Additional details and impacted files 
@@             Coverage Diff             @@
##           develop    #1213      +/-   ##
===========================================
+ Coverage    85.93%   85.99%   +0.05%     
===========================================
  Files           94       94              
  Lines         3235     3255      +20     
  Branches       371      374       +3     
===========================================
+ Hits          2780     2799      +19     
  Misses         380      380              
- Partials        75       76       +1

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

@ponyisi
Copy link
Collaborator

ponyisi commented Nov 17, 2025

Hi @MattShirley - I don't think this is quite what I was after, although I guess it addresses another failure mode.

The place where we are currently failing wrt Nebraska is the jwt_required decorator itself. Even if the optional argument is specified, if a token is present in the request, it will attempt to validate it. If ENABLE_AUTH is false, this validation will fail and the request will be rejected. The optional argument only means that the requests with no token will be accepted. So we need a new decorator that wraps jwt_required which skips all the logic if ENABLE_AUTH is false (or otherwise perhaps a super-decorator that returns jwt_required or a dummy depending on the configuration).

@MattShirley
Copy link
Collaborator Author

MattShirley commented Nov 18, 2025

@ponyisi I added a no-op/dummy pass through decorator

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@MattShirley @ponyisi