coop/shared
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Set blog_did = account_did — one device identity across all apps

Browse Source 
Callback adopts account's device_id by overwriting g.device_id,
so the factory after_request sets {app}_did cookie to account's value.
Simplifies factory check: g.device_id IS the account_did, no need
to read _account_did from session separately.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
giles
2026-02-23 15:11:24 +00:00
parent cad528d732
commit 748d28e657
2 changed files with 8 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
infrastructure/oauth.py
View File

@@ -61,10 +61,13 @@ def create_oauth_blueprint(app_name: str) -> Blueprint:
@bp.get("/callback")
@bp.get("/callback/")
async def callback():
# Always store account_did when account passes it back
# Adopt account's device id as our own — one identity across all apps
account_did = request.args.get("account_did", "")
if account_did:
qsession["_account_did"] = account_did
# Overwrite this app's device cookie with account's device id
g.device_id = account_did
g._new_device_id = True # factory after_request will set the cookie
# Handle prompt=none error (user not logged in on account)
error = request.args.get("error")