X-Git-Url: https://git.arvados.org/arvados.git/blobdiff_plain/4d351f0d0c67093440663cee3b52421e3eba7d77..ef56ac56a0bac0710a486c0e5e9cdd3199eddc61:/services/api/script/get_anonymous_user_token.rb?ds=sidebyside

diff --git a/services/api/script/get_anonymous_user_token.rb b/services/api/script/get_anonymous_user_token.rb
index 76e20880a5..6964af0b63 100755
--- a/services/api/script/get_anonymous_user_token.rb
+++ b/services/api/script/get_anonymous_user_token.rb
@@ -27,6 +27,7 @@ def create_api_client_auth
   api_client_auth = ApiClientAuthorization.
     new(user: anonymous_user,
         api_client_id: 0,
+        expires_at: Time.now + 100.years,
         scopes: ['GET /'])
   api_client_auth.save!
   api_client_auth.reload
@@ -34,7 +35,10 @@ end
 
 if get_existing
   api_client_auth = ApiClientAuthorization.
-    where('user_id=?', anonymous_user.id.to_i).first
+    where('user_id=?', anonymous_user.id.to_i).
+    where('expires_at>?', Time.now).
+    select { |auth| auth.scopes == ['GET /'] }.
+    first
 end
 
 # either not a get or no api_client_auth was found