github/jumpserver
1
0
Fork 0
mirror of https://github.com/jumpserver/jumpserver.git synced 2025-09-05 09:21:02 +00:00
Code Issues Projects Releases Wiki Activity

feat: 添加 session guard

Browse Source
This commit is contained in:
ibuler
2022-05-18 14:42:54 +08:00
committed by Jiangjie.Bai
parent e5f4b8000e
commit aa7540045b
2 changed files with 20 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
apps/authentication/middleware.py
View File

@@ -60,14 +60,28 @@ class SessionCookieMiddleware(MiddlewareMixin):
response.set_cookie(pub_key_name, public_key_decode)
@staticmethod
def set_session_cooke_prefix(request, response):
def set_cookie_session_prefix(request, response):
key = settings.SESSION_COOKIE_NAME_PREFIX_KEY
value = settings.SESSION_COOKIE_NAME_PREFIX
if request.COOKIES.get(key) == value:
return response
response.set_cookie(key, value)
@staticmethod
def set_cookie_session_expire(request, response):
if not request.session.get('auth_session_expiration_required'):
return
value = 'age'
if settings.SESSION_EXPIRE_AT_BROWSER_CLOSE_FORCE or \
not request.session.get('auto_login', False):
value = 'close'
age = request.session.get_expiry_age()
response.set_cookie('jms_session_expire', value, max_age=age)
request.session.pop('auth_session_expiration_required', None)
def process_response(self, request, response: HttpResponse):
self.set_session_cooke_prefix(request, response)
self.set_session_cooke_prefix(request, response)
self.set_cookie_session_prefix(request, response)
self.set_cookie_public_key(request, response)
self.set_cookie_session_expire(request, response)
return response