implement session_not_on_or_after using new session engines (fixes #9640)
parent
9143056569
commit
2289b8350e
12
README
12
README
|
@ -253,3 +253,15 @@ Tests
|
|||
Unit tests are written using pytest, and can be run with:
|
||||
|
||||
DJANGO_SETTINGS_MODULE=testsettings py.test
|
||||
|
||||
Remarks
|
||||
=======
|
||||
|
||||
To honor the SessionNotOnOrAfter attribute sent by an IdP you must use a specific SessionEngine,
|
||||
only db and cached_db are supported currently, the equivalent session engines are:
|
||||
|
||||
mellon.sessions_backends.db
|
||||
|
||||
and
|
||||
|
||||
mellon.sessions_backends.cached_db
|
||||
|
|
|
@ -0,0 +1,6 @@
|
|||
from django.contrib.sessions.backends.db import SessionStore
|
||||
|
||||
from . import db
|
||||
|
||||
class SessionStore(db.SessionStore, SessionStore):
|
||||
pass
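Review bot: The first import takes `SessionStore` from `django.contrib.sessions.backends.db`, so if this six-line module is the `cached_db` backend named in the README (the file name is not visible here), both bases resolve to the database store and nothing is cached. The import should probably read `from django.contrib.sessions.backends.cached_db import SessionStore`. Importing it under an alias such as `BaseSessionStore` would also stop the class statement from rebinding the name it inherits from. A one-line class docstring saying that the mixin order puts the SessionNotOnOrAfter overrides ahead of Django's store would help the next reader.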
|
|
@ -0,0 +1,23 @@
|
|||
from django.contrib.sessions.backends.db import SessionStore
|
||||
|
||||
from mellon import utils
|
||||
|
||||
class SessionStore(SessionStore):
|
||||
|
||||
def get_session_not_on_or_after(self):
|
||||
session_not_on_or_after = self.get('mellon_session', {}).get('session_not_on_or_after')
|
||||
if session_not_on_or_after:
|
||||
return utils.iso8601_to_datetime(session_not_on_or_after)
|
||||
return None
|
||||
|
||||
def get_expiry_age(self, **kwargs):
|
||||
session_not_on_or_after = self.get_session_not_on_or_after()
|
||||
if session_not_on_or_after and 'expiry' not in kwargs:
|
||||
kwargs['expiry'] = session_not_on_or_after
|
||||
return super(SessionStore, self).get_expiry_age(**kwargs)
|
||||
|
||||
def get_expiry_date(self, **kwargs):
|
||||
session_not_on_or_after = self.get_session_not_on_or_after()
|
||||
if session_not_on_or_after and 'expiry' not in kwargs:
|
||||
kwargs['expiry'] = session_not_on_or_after
|
||||
return super(SessionStore, self).get_expiry_date(**kwargs)
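Review bot: In `get_expiry_age` and `get_expiry_date` the IdP's SessionNotOnOrAfter is passed as `expiry`, which replaces the locally configured lifetime instead of capping it. Django's base methods skip `_session_expiry` and `SESSION_COOKIE_AGE` when `expiry` is supplied, so an IdP value later than the local policy lengthens the server-side session. Both overrides should compute the parent's value first and return the earlier of the two, as sketched below. This assumes `utils.iso8601_to_datetime` (not visible here) returns a datetime with the same timezone awareness as Django's `timezone.now()`, because comparing or subtracting a naive and an aware value raises `TypeError`. That needs confirming in either version.

```python
def get_expiry_age(self, **kwargs):
    age = super(SessionStore, self).get_expiry_age(**kwargs)
    session_not_on_or_after = self.get_session_not_on_or_after()
    if session_not_on_or_after and 'expiry' not in kwargs:
        # SessionNotOnOrAfter is an upper bound; never extend the local lifetime
        bound = super(SessionStore, self).get_expiry_age(
            expiry=session_not_on_or_after, **kwargs)
        age = min(age, bound)
    return age

def get_expiry_date(self, **kwargs):
    expiry_date = super(SessionStore, self).get_expiry_date(**kwargs)
    session_not_on_or_after = self.get_session_not_on_or_after()
    if session_not_on_or_after and 'expiry' not in kwargs:
        expiry_date = min(expiry_date, session_not_on_or_after)
    return expiry_date
```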
|
|
@ -132,7 +132,8 @@ class LoginView(LogMixin, View):
|
|||
self.log.info('user %r (NameID is %r) logged in using SAML',
|
||||
unicode(user), attributes['name_id_content'])
|
||||
request.session['mellon_session'] = utils.flatten_datetime(attributes)
|
||||
if 'session_not_on_or_after' in attributes:
|
||||
if ('session_not_on_or_after' in attributes and
|
||||
not settings.SESSION_EXPIRE_AT_BROWSER_CLOSE):
|
||||
request.session.set_expiry(utils.get_seconds_expiry(attributes['session_not_on_or_after']))
|
||||
else:
|
||||
return render(request, 'mellon/inactive_user.html', {
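Review bot: With `SESSION_EXPIRE_AT_BROWSER_CLOSE` enabled the new condition skips `set_expiry`, so the IdP's bound is enforced only if `SESSION_ENGINE` points at one of the `mellon.sessions_backends` modules. With any other engine SessionNotOnOrAfter is silently ignored and the session lives for the local default. A log line next to the condition would make that misconfiguration visible, for example `if not hasattr(request.session, 'get_session_not_on_or_after'): self.log.warning('session engine does not enforce SessionNotOnOrAfter')`. A comment such as `# browser-close sessions rely on mellon.sessions_backends to enforce the IdP bound` would document the dependency. The enclosing `LoginView` method starts and ends outside this hunk.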
|
||||
|
|