Optimize basic auth.

kiarn · kiarn · commit 8b9454d44ffb · 2025-03-17T12:28:31.000+01:00
diff --git a/usr/lib/python3/dist-packages/linuxmusterApi/security/basic_auth.py b/usr/lib/python3/dist-packages/linuxmusterApi/security/basic_auth.py
@@ -11,7 +11,7 @@
 
 BASIC_AUTH = HTTPBasic()
 
-def generate_jwt(user):
+def generate_jwt(user, role, school):
     """
     Generate a valid jwt for a specific user.
 
@@ -22,20 +22,15 @@ def generate_jwt(user):
     """
 
 
-    user_details = lr.get(f'/users/{user}')
-    if not user_details:
-        # User not found in ldap tree, discarding request
-        return ''
-
     with open('/etc/linuxmuster/api/config.yml', 'r') as config_file:
         config = yaml.load(config_file, Loader=yaml.SafeLoader)
 
     secret = base64.b64decode(config['secret'])
 
     payload  = {
         'user': user,
-        'role': user_details['sophomorixRole'],
-        'school': user_details['sophomorixSchoolname']
+        'role': role,
+        'school': school
     }
 
     token = jwt.encode(payload, secret, algorithm="HS512")
@@ -61,7 +56,7 @@ def __call__(self, credentials: Annotated[HTTPBasicCredentials, Depends(BASIC_AU
             )
 
         if user.test_password(password=credentials.password):
-            return generate_jwt(user.cn)
+            return generate_jwt(user.cn, user.sophomorixRole, user.sophomorixSchoolname)
 
         raise HTTPException(
             status_code=status.HTTP_401_UNAUTHORIZED,
