Caching user object to flask session was bad idea

2025-12-10 04:19:31 +02:00 · 2019-05-21 00:29:48 +05:30
parent 7c8392613c
commit c7d0433ea9
2 changed files with 3 additions and 36 deletions
--- a/flask_discord/_http.py
+++ b/flask_discord/_http.py
@@ -24,8 +24,6 @@ class DiscordOAuth2HttpClient(abc.ABC):
    """

    SESSION_KEYS = [
-        "discord_user",
-
        "discord_oauth2_state",
        "discord_oauth2_token",
    ]
--- a/flask_discord/client.py
+++ b/flask_discord/client.py
@@ -42,19 +42,12 @@ class DiscordOAuth2Session(_http.DiscordOAuth2HttpClient):
        session["discord_oauth2_state"] = state
        return redirect(authorization_url)

-    def callback(self, fetch_user: bool = True):
+    def callback(self):
        """A method which should be always called after completing authorization code grant process
        usually in callback view.
        It fetches the authorization token and saves it flask
        `session <http://flask.pocoo.org/docs/1.0/api/#flask.session>`_ object.

-        Parameters
-        ----------
-        fetch_user : bool, optional
-            If this parameter is set to True, it caches :py:class:`flask_discord.models.User` to flask
-            `session <http://flask.pocoo.org/docs/1.0/api/#flask.session>`_ object with ``discord_user`` key
-            and ``None`` if False. Defaults to True.
-
        """
        if request.values.get("error"):
            return request.values["error"]
@@ -65,10 +58,6 @@ class DiscordOAuth2Session(_http.DiscordOAuth2HttpClient):
            authorization_response=request.url
        )
        session["discord_oauth2_token"] = token
-        if fetch_user:
-            session["discord_user"] = self.fetch_user()
-        else:
-            session["discord_user"] = None

    def revoke(self):
        """This method clears current discord token, state and all session data from flask
@@ -85,34 +74,14 @@ class DiscordOAuth2Session(_http.DiscordOAuth2HttpClient):
        return self._make_session().authorized

    def fetch_user(self) -> models.User:
-        """This method requests current user data from discord, caches native :py:class:`flask_discord.models.User`
-        to flask `session <http://flask.pocoo.org/docs/1.0/api/#flask.session>`_ object.
+        """This method requests for data of current user from discord and returns user object.

        Returns
        -------
        flask_discord.models.User

        """
-        session["discord_user"] = models.User(self.get("/users/@me"))
-        return session["discord_user"]
-
-    @property
-    def user(self) -> models.User:
-        """A property which returns cached current :py:class:`flask_discord.models.User` from flask
-        `session <http://flask.pocoo.org/docs/1.0/api/#flask.session>`_ object.
-
-        Note
-        ----
-        If user is not present in flask `session <http://flask.pocoo.org/docs/1.0/api/#flask.session>`_
-        object, it requests user data from discord, caches user to session and then returns user object.
-
-        Returns
-        -------
-        flask_discord.models.User
-            Cached discord user object form flask `session <http://flask.pocoo.org/docs/1.0/api/#flask.session>`_.
-
-        """
-        return session.get("discord_user") or self.fetch_user()
+        return models.User(self.get("/users/@me"))

    def fetch_connections(self) -> models.UserConnection:
        """Requests and returns connections of current user from discord.