Merge branch '12533-token-n-ip-logging'

[arvados.git] / services / api / script / get_anonymous_user_token.rb

diff --git a/services/api/script/get_anonymous_user_token.rb b/services/api/script/get_anonymous_user_token.rb
index 76e20880a58a90037d83adbda619e3adb539e9db..7b146fc8e35f55be8bad6cb012d4fbd93678f10a 100755 (executable)
--- a/services/api/script/get_anonymous_user_token.rb
+++ b/services/api/script/get_anonymous_user_token.rb
@@ -1,4 +1,7 @@
 #!/usr/bin/env ruby
+# Copyright (C) The Arvados Authors. All rights reserved.
+#
+# SPDX-License-Identifier: AGPL-3.0
 
 # Get or Create an anonymous user token.
 # If get option is used, an existing anonymous user token is returned. If none exist, one is created.
@@ -27,6 +30,7 @@ def create_api_client_auth
   api_client_auth = ApiClientAuthorization.
     new(user: anonymous_user,
         api_client_id: 0,
+        expires_at: Time.now + 100.years,
         scopes: ['GET /'])
   api_client_auth.save!
   api_client_auth.reload
@@ -34,7 +38,10 @@ end
 
 if get_existing
   api_client_auth = ApiClientAuthorization.
-    where('user_id=?', anonymous_user.id.to_i).first
+    where('user_id=?', anonymous_user.id.to_i).
+    where('expires_at>?', Time.now).
+    select { |auth| auth.scopes == ['GET /'] }.
+    first
 end
 
 # either not a get or no api_client_auth was found