github/jumpserver
1
0
Fork 0
mirror of https://github.com/jumpserver/jumpserver.git synced 2025-07-13 14:44:47 +00:00
Code Issues Projects Releases Wiki Activity

fix: SSO access to web assets with encrypted password auto-filling

Browse Source
This commit is contained in:
jiangweidong 2025-07-04 17:38:45 +08:00 committed by 老广
parent 9bdfab966f
commit 99c4622ccb
1 changed files with 4 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
apps/authentication/middleware.py
View File

@ -120,7 +120,10 @@ class SessionCookieMiddleware(MiddlewareMixin):
USER_LOGIN_ENCRYPTION_KEY_PAIR = 'user_login_encryption_key_pair'
def set_cookie_public_key(self, request, response):
if request.path.startswith('/api'):
whitelist = [
'/api/v1/authentication/sso/login/',
]
if request.path.startswith('/api') and request.path not in whitelist:
return
session_public_key_name = settings.SESSION_RSA_PUBLIC_KEY_NAME