Restore session id if we try to login using TokenAuth.

cvat-ai · Dec 5, 2019 · 8411d51 · 8411d51
1 parent 171a920
commit 8411d51
Showing 1 changed file with 3 additions and 1 deletion.
diff --git a/cvat/apps/authentication/decorators.py b/cvat/apps/authentication/decorators.py
@@ -9,6 +9,7 @@
 from django.http import JsonResponse
 from django.conf import settings
 from rest_framework.authentication import TokenAuthentication
+from django.contrib.auth import login
 
 def login_required(function=None, redirect_field_name=REDIRECT_FIELD_NAME,
     login_url=None, redirect_methods=['GET']):
@@ -21,7 +22,8 @@ def _wrapped_view(request, *args, **kwargs):
                 tokenAuth = TokenAuthentication()
                 auth = tokenAuth.authenticate(request)
                 if auth is not None:
-                    request.user = auth[0]
+                    # If only token is available let's restore session id.
+                    login(request, auth[0], 'django.contrib.auth.backends.ModelBackend')
                     return view_func(request, *args, **kwargs)
 
                 login_url = '{}/login'.format(settings.UI_URL)