bugfixes, cleanup

lenticular_cloud/views/admin.py

@@ -15,9 +15,9 @@ def before_request():
     try:
         resp = current_app.oauth.session.get('/userinfo')
         data = resp.json()
-        if not current_user.is_authenticated or resp.status_code is not 200:
+        if not current_user.is_authenticated or resp.status_code != 200:
             return redirect_login()
-        if 'admin' not in data['groups']:
+        if 'groups' not in data or 'admin' not in data['groups']:
             return 'Not an admin', 403
     except TokenExpiredError:
         return redirect_login()

lenticular_cloud/views/auth.py

@@ -86,7 +86,8 @@ def login():
     login_challenge = request.args.get('login_challenge')
     try:
         login_request = current_app.hydra_api.get_login_request(login_challenge)
-    except ory_hydra_client.exceptions.ApiException:
+    except ory_hydra_client.exceptions.ApiException as e:
+        logger.exception("could not fetch login request")
         return redirect(url_for('frontend.index'))
 
     if login_request.skip:

lenticular_cloud/views/frontend.py

@@ -31,7 +31,7 @@ def redirect_login():
 def before_request():
     try:
         resp = current_app.oauth.session.get('/userinfo')
-        if not current_user.is_authenticated or resp.status_code is not 200:
+        if not current_user.is_authenticated or resp.status_code != 200:
             logger.info('user not logged in redirect')
             return redirect_login()
     except TokenExpiredError:
@@ -72,7 +72,7 @@ def init_login_manager(app):
         if not token:
             flash("Failed to log in.", category="error")
             return False
-        print(f'debug ---------------{token}')
+        #print(f'debug ---------------{token}')
 
         resp = blueprint.session.get("/userinfo")
         if not resp.ok: