# HG changeset patch
# User Søren Løvborg <kwi@kwi.dk>
# Date 2015-07-26 13:58:50
# Node ID 8b8f51f36542f6ea096e5401d4fb6fbe2324d0d4
# Parent  071777309be11e4ad017f43f1e6188289f113b44

auth: actually use _determine_auth_user argument

Fix silly mistake which slipped through the review. (We should not look
up the session cookie again, when it's passed as a function argument.)

diff --git a/kallithea/lib/base.py b/kallithea/lib/base.py
--- a/kallithea/lib/base.py
+++ b/kallithea/lib/base.py
@@ -388,12 +388,11 @@ class BaseController(WSGIController):
             return AuthUser(api_key=api_key, is_external_auth=True)
 
         # Authenticate by session cookie
-        cookie = session.get('authuser')
         # In ancient login sessions, 'authuser' may not be a dict.
         # In that case, the user will have to log in again.
-        if isinstance(cookie, dict):
+        if isinstance(session_authuser, dict):
             try:
-                return AuthUser.from_cookie(cookie)
+                return AuthUser.from_cookie(session_authuser)
             except UserCreationError as e:
                 # container auth or other auth functions that create users on
                 # the fly can throw UserCreationError to signal issues with