From c9ddc9775773985d593166c8b7d8d7cb46a236cd Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Simon=20K=C3=BCnzel?= <simonk@fsmpi.rwth-aachen.de>
Date: Sat, 3 May 2025 18:09:31 +0200
Subject: [PATCH] Fix fsmpi authentication

---
 api/src/api/authentication.py            | 10 ++++------
 api/tests/routes/object_modifications.py |  2 +-
 2 files changed, 5 insertions(+), 7 deletions(-)

diff --git a/api/src/api/authentication.py b/api/src/api/authentication.py
index e4b4023..567d9de 100644
--- a/api/src/api/authentication.py
+++ b/api/src/api/authentication.py
@@ -223,6 +223,7 @@ def authenticate_fsmpi(username: str, password: str) -> {}:
         if user_db is None:
             raise ApiClientException(ERROR_AUTHENTICATION_NOT_AVAILABLE(
                 "Site is read-only and we can not create a new account for you in the database"))
+        api_session.set_user(user_db)
     else:
         def _trans(session: SessionDb):
             user_db = session.scalar(User.sudo_select().where(User.handle == user_handle))
@@ -241,13 +242,10 @@ def authenticate_fsmpi(username: str, password: str) -> {}:
             user_db.full_name = full_name
             user_db.display_name = display_name
             user_db.email = email
-
-            session.commit()
-            session.expunge_all()
-            return user_db
-        user_db = database.execute_write_transaction(_trans)
+            api_session.set_user(user_db)
+        
+        database.execute_write_transaction_and_commit(_trans)
     
-    api_session.set_user(user_db)
     api_session.csrf_token = "".join(
         secrets.choice(string.ascii_letters + string.digits) for _ in range(64))
     api_session.permanent = True
diff --git a/api/tests/routes/object_modifications.py b/api/tests/routes/object_modifications.py
index c0da04f..a6575c5 100644
--- a/api/tests/routes/object_modifications.py
+++ b/api/tests/routes/object_modifications.py
@@ -1502,7 +1502,7 @@ class ObjectModificationsTest(ApiTest):
             f"/object_management/course/{id}/configuration",
             use_moderator_login=True,
         )[1]
-        self.assert_field_has_value(config, "responsible_users_ids", [42, 43])
+        self.assertEqual(set(self.get_field_value(config, "responsible_users_ids")), {42, 43})
         self.do_json_request(
             "GET",
             f"/course/{id}",
-- 
GitLab