[Update] 修改authentication目录结构

2025-11-12 21:58:39 +00:00 · 2019-02-28 11:58:48 +08:00
parent 6700dc969f
commit 9b3509208d
23 changed files with 78 additions and 65 deletions
--- a/apps/authentication/backends/openid/middleware.py
+++ b/apps/authentication/backends/openid/middleware.py
@@ -0,0 +1,45 @@
+# coding:utf-8
+#
+
+from django.conf import settings
+from django.contrib.auth import logout
+from django.utils.deprecation import MiddlewareMixin
+from django.contrib.auth import BACKEND_SESSION_KEY
+
+from common.utils import get_logger
+from .utils import new_client
+from .models import OIDT_ACCESS_TOKEN
+
+BACKEND_OPENID_AUTH_CODE = \
+    'authentication.backends.openid.OpenIDAuthorizationCodeBackend'
+client = new_client()
+logger = get_logger(__file__)
+__all__ = ['OpenIDAuthenticationMiddleware']
+
+
+class OpenIDAuthenticationMiddleware(MiddlewareMixin):
+    """
+    Check openid user single logout (with access_token)
+    """
+
+    def process_request(self, request):
+
+        # Don't need openid auth if AUTH_OPENID is False
+        if not settings.AUTH_OPENID:
+            return
+
+        # Don't need check single logout if user not authenticated
+        if not request.user.is_authenticated:
+            return
+
+        elif request.session[BACKEND_SESSION_KEY] != BACKEND_OPENID_AUTH_CODE:
+            return
+
+        # Check openid user single logout or not with access_token
+        try:
+            client.openid_connect_client.userinfo(
+                token=request.session.get(OIDT_ACCESS_TOKEN))
+
+        except Exception as e:
+            logout(request)
+            logger.error(e)