From 5195edb6c0f474f27b8c8510116bb7e8407e82a8 Mon Sep 17 00:00:00 2001
From: Matthew Richards <matthew.richards@stfc.ac.uk>
Date: Mon, 13 Jul 2020 14:15:13 +0000
Subject: [PATCH]  #135: Allow session IDs to not be overwritten in the
 database

- This is done by creating a new client object each time users login. If the same object is used for every login, the session ID will just be overwritten, even if logging in as a different user
---
 common/python_icat_backend.py | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/common/python_icat_backend.py b/common/python_icat_backend.py
index 492bb61d..d4b087b5 100644
--- a/common/python_icat_backend.py
+++ b/common/python_icat_backend.py
@@ -18,13 +18,17 @@ class PythonICATBackend(Backend):
     """
     
     def __init__(self):
-        icat_server_url = config.get_icat_url()
-        self.client = icat.client.Client(icat_server_url, checkCert=config.get_icat_check_cert())
+        # Client object is created here as well as in login() to avoid uncaught exceptions 
+        # where the object is None. This could happen where a user tries to use an endpoint before
+        # logging in. Also helps to give a bit of certainty to what's stored here
+        self.client = icat.client.Client(config.get_icat_url(), checkCert=config.get_icat_check_cert())
 
     def login(self, credentials):
+        # Client object is re-created here so session IDs aren't overwritten in the database
+        self.client = icat.client.Client(config.get_icat_url(), checkCert=config.get_icat_check_cert())
+
         # Syntax for Python ICAT
         login_details = {'username': credentials['username'], 'password': credentials['password']}
-
         try:
             session_id = self.client.login(credentials["mechanism"], login_details)
             return session_id