Merge pull request #2836 from stveit/let_set_account_handle_session_m…

…anip Do not manipulate session in ensure_account
Uninett · Feb 29, 2024 · 9f8214e · 9f8214e
2 parents 0fe59ef + 3871c37
commit 9f8214e
Showing 1 changed file with 2 additions and 4 deletions.
diff --git a/python/nav/web/auth/utils.py b/python/nav/web/auth/utils.py
@@ -47,10 +47,8 @@ def ensure_account(request):
     """Guarantee that valid request.account is set"""
     session = request.session
 
-    if not ACCOUNT_ID_VAR in session:
-        session[ACCOUNT_ID_VAR] = Account.DEFAULT_ACCOUNT
-
-    account = Account.objects.get(id=session[ACCOUNT_ID_VAR])
+    account_id = session.get(ACCOUNT_ID_VAR, Account.DEFAULT_ACCOUNT)
+    account = Account.objects.get(id=account_id)
 
     if account.locked:
         # Switch back to fallback, the anonymous user