github/jumpserver
1
0
Fork 0
mirror of https://github.com/jumpserver/jumpserver.git synced 2025-09-16 15:28:38 +00:00
Code Issues Projects Releases Wiki Activity

[Update] 修改authentication backends

Browse Source
This commit is contained in:
ibuler
2019-02-28 15:12:45 +08:00
parent 9b3509208d
commit 1969fb79fe
9 changed files with 15 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
apps/authentication/backends/openid/backends.py
View File

@@ -75,7 +75,6 @@ class OpenIDAuthorizationPasswordBackend(BaseOpenIDAuthorizationBackend):
if not settings.AUTH_OPENID:
return None
elif not username:
return None

14
apps/authentication/backends/openid/middleware.py
View File

@@ -10,9 +10,7 @@ from common.utils import get_logger
from .utils import new_client
from .models import OIDT_ACCESS_TOKEN
BACKEND_OPENID_AUTH_CODE = \
'authentication.backends.openid.OpenIDAuthorizationCodeBackend'
client = new_client()
BACKEND_OPENID_AUTH_CODE = 'OpenIDAuthorizationCodeBackend'
logger = get_logger(__file__)
__all__ = ['OpenIDAuthenticationMiddleware']
@@ -23,22 +21,22 @@ class OpenIDAuthenticationMiddleware(MiddlewareMixin):
"""
def process_request(self, request):
# Don't need openid auth if AUTH_OPENID is False
if not settings.AUTH_OPENID:
return
# Don't need check single logout if user not authenticated
if not request.user.is_authenticated:
return
elif request.session[BACKEND_SESSION_KEY] != BACKEND_OPENID_AUTH_CODE:
elif request.session[BACKEND_SESSION_KEY].endswith(
BACKEND_OPENID_AUTH_CODE):
return
# Check openid user single logout or not with access_token
client = new_client()
try:
client.openid_connect_client.userinfo(
token=request.session.get(OIDT_ACCESS_TOKEN))
token=request.session.get(OIDT_ACCESS_TOKEN)
)
except Exception as e:
logout(request)

5
apps/authentication/backends/openid/views.py
View File

@@ -26,7 +26,6 @@ __all__ = ['OpenIDLoginView', 'OpenIDLoginCompleteView']
class OpenIDLoginView(RedirectView):
def get_redirect_url(self, *args, **kwargs):
# Todo: 待优化
redirect_uri = settings.BASE_SITE_URL + settings.LOGIN_COMPLETE_URL
nonce = Nonce(
redirect_uri=redirect_uri,
@@ -71,6 +70,8 @@ class OpenIDLoginCompleteView(RedirectView):
return HttpResponseBadRequest()
login(self.request, user)
post_openid_login_success.send(sender=self.__class__, user=user, request=self.request)
post_openid_login_success.send(
sender=self.__class__, user=user, request=self.request
)
return HttpResponseRedirect(nonce.next_path or '/')