Make it work with static root at /

the check to see if page is static, then use anonymous user is silly for several reasons. Performance intensive sites will setup static pages to be served at the very least by werkzeug, and probably even a couple of layers above that at nginx or apache, so flask will never see static requests. The case where it might actually be nice, static requests for blueprints, isn't even covered. The check is also quite stupid, since dynamic pages can and do mount past the static mount point, like in my case where my static mount is /. Anyway, someone else might find this useful. we need it at Elsevier.
harvimt · May 21, 2013 · 7e2f9b9 · 7e2f9b9
1 parent 59f7cd7
commit 7e2f9b9
Showing 1 changed file with 0 additions and 6 deletions.
diff --git a/flask_login.py b/flask_login.py
@@ -318,12 +318,6 @@ def needs_refresh(self):
         return redirect(login_url(self.refresh_view, request.url))
 
     def _load_user(self):
-        if (current_app.static_url_path is not None and
-            request.path.startswith(current_app.static_url_path)
-        ):
-            # load up an anonymous user for static pages
-            _request_ctx_stack.top.user = self.anonymous_user()
-            return
         config = current_app.config
         if config.get("SESSION_PROTECTION", self.session_protection):
             deleted = self._session_protection()