Fixes validation on session type

anatoliis · anatoliis · commit 712cc0d1adab · 2016-11-14T11:29:07.000+02:00
diff --git a/plugins/flask_yoti/flask_yoti/decorators.py b/plugins/flask_yoti/flask_yoti/decorators.py
@@ -1,16 +1,16 @@
 from functools import wraps
 from flask import redirect, session, url_for
-from flask.sessions import SecureCookieSession
 
 from .context_storage import activity_details_storage
 from .settings import get_config_value
+from .helpers import is_cookie_session
 
 
 def yoti_authenticated(view_func):
     @wraps(view_func)
     def _decorated(*args, **kwargs):
         user_id = session.get('yoti_user_id')
-        if isinstance(session, SecureCookieSession):
+        if not is_cookie_session(session):
             activity_details = session.get('activity_details')
         else:
             activity_details = activity_details_storage.get(user_id)
diff --git a/plugins/flask_yoti/flask_yoti/flask_yoti.py b/plugins/flask_yoti/flask_yoti/flask_yoti.py
@@ -8,13 +8,13 @@
     redirect,
     url_for,
 )
-from flask.sessions import SecureCookieSession
 from yoti import Client
 
 from .context_storage import activity_details_storage
 from .decorators import yoti_authenticated
 from .context_processors import yoti_context
 from .settings import get_config_value
+from .helpers import is_cookie_session
 
 
 flask_yoti_blueprint = Blueprint('flask_yoti', __name__,
@@ -34,7 +34,7 @@ def auth():
     client = Client(client_sdk_id, key_file_path)
     activity_details = client.get_activity_details(token)
     session['yoti_user_id'] = activity_details.user_id
-    if isinstance(session, SecureCookieSession):
+    if not is_cookie_session(session):
         session['activity_details'] = dict(activity_details)
     else:
         activity_details_storage.save(activity_details)
diff --git a/plugins/flask_yoti/flask_yoti/helpers.py b/plugins/flask_yoti/flask_yoti/helpers.py
@@ -0,0 +1,12 @@
+from flask.sessions import SecureCookieSession
+from werkzeug.local import LocalProxy
+
+
+def is_cookie_session(session):
+    if isinstance(session, SecureCookieSession):
+        return True
+    if not isinstance(session, LocalProxy):
+        return False
+    if isinstance(session._get_current_object(), SecureCookieSession):
+        return True
+    return False
