authMethod fix: correctly check / use config auth method

cco.webapi.server: avoid error on missing view
2026-04-28 16:15:20 +02:00 · 2026-02-23 11:21:42 +01:00
2 changed files with 7 additions and 3 deletions
--- a/cco/member/browser.py
+++ b/cco/member/browser.py
@ -72,9 +72,10 @@ class LoginBase:

    @Lazy
    def authMethod(self):
-        if getConfigAuthMethod() == 'cookie':
+        meth = getConfigAuthMethod()
+        if meth == 'cookie':
            return getAuthMethodCookieValue(self.request)
-        return 'legacy'
+        return meth

    @Lazy
    def oidc_allowed(self):
--- a/cco/webapi/server.py
+++ b/cco/webapi/server.py
@ -86,7 +86,8 @@ class ApiHandler(ApiCommon, NodeView):
        target = self.context.target
        if target is not None:
            targetView = self.getContainerView(target)
-            return targetView()
+            if targetView is not None:
+                return targetView()
        # TODO: check for request.method?
        if self.request.method in ('PUT', 'POST'):
            return self.error('Method not allowed', 405)
@ -111,6 +112,8 @@ class ApiHandler(ApiCommon, NodeView):
            if target is None:
                return None
            cv = self.getContainerView(target)
+            if cv is None:
+                return None
            targetView = cv.getView(name)
        if targetView is None:
            return None
Author	SHA1	Message	Date
Helmut Merz	b06b38f83c	authMethod fix: correctly check / use config auth method	2026-04-28 16:15:20 +02:00
Helmut Merz	0c843bf889	cco.webapi.server: avoid error on missing view	2026-02-23 11:21:42 +01:00