auth: refactor current_token.user to use current_user.
In app/decorators.py
I've added a new loader for the Flask-Login user, that uses the require_oauth
from authlib. This results in current_user
being available both with tokens and with users. This simplifies a lot of authentication code: require_role
, require_membership
.
All current_token.user
have been replaced.
Tests that have changed started failing due to the body not being sent on the redirect. However I do not known why they weren't failing before, as on redirect no body should be sent anyway.
Closes #1116