implement session_not_on_or_after using new session engines (fixes #9640)
parent
9143056569
commit
2289b8350e
12
README
12
README
|
@ -253,3 +253,15 @@ Tests
|
||||||
Unit tests are written using pytest, and can be run with:
|
Unit tests are written using pytest, and can be run with:
|
||||||
|
|
||||||
DJANGO_SETTINGS_MODULE=testsettings py.test
|
DJANGO_SETTINGS_MODULE=testsettings py.test
|
||||||
|
|
||||||
|
Remarks
|
||||||
|
=======
|
||||||
|
|
||||||
|
To honor the SessionNotOnOrAfter attribute sent by an IdP you must use a specific SessionEngine,
|
||||||
|
only db and cached_db are supported currently, the equivalent session engines are:
|
||||||
|
|
||||||
|
mellon.sessions_backends.db
|
||||||
|
|
||||||
|
and
|
||||||
|
|
||||||
|
mellon.sessions_backends.cached_db
|
||||||
|
|
|
@ -0,0 +1,6 @@
|
||||||
|
from django.contrib.sessions.backends.db import SessionStore
|
||||||
|
|
||||||
|
from . import db
|
||||||
|
|
||||||
|
class SessionStore(db.SessionStore, SessionStore):
|
||||||
|
pass
|
|
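Review bot: The first import takes `SessionStore` from `django.contrib.sessions.backends.db`, although this six-line module appears to be the cached_db backend the README names (its file name is not shown on the page). As written, the class has only database stores among its bases and never uses the cache, so the "cached_db" engine behaves like the db one. The import should presumably be `from django.contrib.sessions.backends.cached_db import SessionStore`. Importing it under an alias would also stop the new class from shadowing the name it inherits from.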
@ -0,0 +1,23 @@
|
||||||
|
from django.contrib.sessions.backends.db import SessionStore
|
||||||
|
|
||||||
|
from mellon import utils
|
||||||
|
|
||||||
|
class SessionStore(SessionStore):
|
||||||
|
|
||||||
|
def get_session_not_on_or_after(self):
|
||||||
|
session_not_on_or_after = self.get('mellon_session', {}).get('session_not_on_or_after')
|
||||||
|
if session_not_on_or_after:
|
||||||
|
return utils.iso8601_to_datetime(session_not_on_or_after)
|
||||||
|
return None
|
||||||
|
|
||||||
|
def get_expiry_age(self, **kwargs):
|
||||||
|
session_not_on_or_after = self.get_session_not_on_or_after()
|
||||||
|
if session_not_on_or_after and 'expiry' not in kwargs:
|
||||||
|
kwargs['expiry'] = session_not_on_or_after
|
||||||
|
return super(SessionStore, self).get_expiry_age(**kwargs)
|
||||||
|
|
||||||
|
def get_expiry_date(self, **kwargs):
|
||||||
|
session_not_on_or_after = self.get_session_not_on_or_after()
|
||||||
|
if session_not_on_or_after and 'expiry' not in kwargs:
|
||||||
|
kwargs['expiry'] = session_not_on_or_after
|
||||||
|
return super(SessionStore, self).get_expiry_date(**kwargs)
|
|
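Review bot: In `get_expiry_age` and `get_expiry_date` the stored IdP value is passed as `expiry` whenever the caller gives none, so it appears to replace, rather than cap, any lifetime the session already carries (a shorter `set_expiry()` value or the configured cookie age). SessionNotOnOrAfter is an upper bound, so a session that local policy would end sooner would instead live until the IdP's deadline. If that is intended, a class docstring should say so, e.g. `"""Session store whose expiry is the IdP's SessionNotOnOrAfter whenever one was stored at login."""`; otherwise the earlier of the two should be used. Both methods also call `self.get_session_not_on_or_after()` before checking `'expiry' not in kwargs`; testing the kwarg first would avoid reading session data when the caller already supplies an expiry. Whether `utils.iso8601_to_datetime` returns a datetime comparable with the one Django's base method uses is not visible here and is worth confirming.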
@ -132,7 +132,8 @@ class LoginView(LogMixin, View):
|
||||||
self.log.info('user %r (NameID is %r) logged in using SAML',
|
self.log.info('user %r (NameID is %r) logged in using SAML',
|
||||||
unicode(user), attributes['name_id_content'])
|
unicode(user), attributes['name_id_content'])
|
||||||
request.session['mellon_session'] = utils.flatten_datetime(attributes)
|
request.session['mellon_session'] = utils.flatten_datetime(attributes)
|
||||||
if 'session_not_on_or_after' in attributes:
|
if ('session_not_on_or_after' in attributes and
|
||||||
|
not settings.SESSION_EXPIRE_AT_BROWSER_CLOSE):
|
||||||
request.session.set_expiry(utils.get_seconds_expiry(attributes['session_not_on_or_after']))
|
request.session.set_expiry(utils.get_seconds_expiry(attributes['session_not_on_or_after']))
|
||||||
else:
|
else:
|
||||||
return render(request, 'mellon/inactive_user.html', {
|
return render(request, 'mellon/inactive_user.html', {
|
||||||
|
|
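Review bot: With `SESSION_EXPIRE_AT_BROWSER_CLOSE` enabled, the new condition skips `set_expiry()`, so the IdP's SessionNotOnOrAfter is enforced only if the configured session engine is one of the mellon backends. With any other engine the bound is dropped without any trace. A comment above the condition would make the dependency explicit, e.g. `# browser-close sessions rely on mellon.sessions_backends.* to enforce session_not_on_or_after`. A `self.log.warning(...)` when `request.session` has no `get_session_not_on_or_after` would surface the misconfiguration. The enclosing method starts and ends outside the hunk, and where `settings` is imported from is not visible here.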