remove check_login from the WSGI server app

AuthenticationApp (just removed) was the only code that had any interaction with
this functionality. That is, check_login looked for an environment variable
"be-auth.user" that was only ever set by AuthenticationApp.

1 files changed, 0 insertions, 10 deletions

diff --git a/libbe/command/serve_commands.py b/libbe/command/serve_commands.py
index 7e8f57e..c2a1be8 100644
--- a/libbe/command/serve_commands.py
+++ b/libbe/command/serve_commands.py
@@ -80,7 +80,6 @@ class ServerApp (libbe.util.wsgi.WSGI_AppObject,
 
     # handlers
     def run(self, environ, start_response):
-        self.check_login(environ)
         data = self.post_data(environ)
         source = 'post'
         try:
@@ -113,15 +112,6 @@ class ServerApp (libbe.util.wsgi.WSGI_AppObject,
     def _parse_post(self, post):
         return libbe.storage.util.mapfile.parse(post)
 
-    def check_login(self, environ):
-        user = environ.get('be-auth.user', None)
-        if user is not None:  # we're running under AuthenticationApp
-            if environ['REQUEST_METHOD'] == 'POST':
-                # TODO: better detection of commands requiring writes
-                if user == 'guest' or self.storage.is_writeable() == False:
-                    raise _Unauthorized() # only non-guests allowed to write
-            # allow read-only commands for all users
-
     def _notify(self, environ, command, id, params):
         message = self._format_notification(environ, command, id, params)
         self._submit_notification(message)