github/jumpserver
1
0
Fork 0
mirror of https://github.com/jumpserver/jumpserver.git synced 2025-07-04 02:26:34 +00:00
Code Issues Projects Releases Wiki Activity

fix: saml 用户没现在记录 (#11641)

Browse Source 
Co-authored-by: feng <1304903146@qq.com>
This commit is contained in:
fit2bot 2023-09-21 14:02:09 +08:00 committed by GitHub
parent 803d590096
commit b023ca0c69
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 17 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
apps/audits/api.py
View File

@ -268,7 +268,10 @@ class UserSessionViewSet(CommonApiMixin, viewsets.ModelViewSet):
return user_ids return user_ids
def get_queryset(self): def get_queryset(self):
queryset = UserSession.objects.filter(date_expired__gt=timezone.now()) keys = UserSession.get_keys()
queryset = UserSession.objects.filter(
date_expired__gt=timezone.now(), key__in=keys
)
if current_org.is_root(): if current_org.is_root():
return queryset return queryset
user_ids = self.org_user_ids user_ids = self.org_user_ids

10
apps/audits/models.py
View File

@ -1,7 +1,9 @@
import os import os
import uuid import uuid
from importlib import import_module
from django.conf import settings from django.conf import settings
from django.core.cache import caches
from django.db import models from django.db import models
from django.db.models import Q from django.db.models import Q
from django.utils import timezone from django.utils import timezone
@ -269,9 +271,17 @@ class UserSession(models.Model):
def backend_display(self): def backend_display(self):
return gettext(self.backend) return gettext(self.backend)
@staticmethod
def get_keys():
session_store_cls = import_module(settings.SESSION_ENGINE).SessionStore
cache_key_prefix = session_store_cls.cache_key_prefix
keys = caches[settings.SESSION_CACHE_ALIAS].keys('*')
return [k.replace(cache_key_prefix, '') for k in keys]
@classmethod @classmethod
def clear_expired_sessions(cls): def clear_expired_sessions(cls):
cls.objects.filter(date_expired__lt=timezone.now()).delete() cls.objects.filter(date_expired__lt=timezone.now()).delete()
cls.objects.exclude(key__in=cls.get_keys()).delete()
class Meta: class Meta:
ordering = ['-date_created'] ordering = ['-date_created']

9
apps/audits/signal_handlers/login_log.py
View File

@ -5,7 +5,6 @@ from importlib import import_module
from django.conf import settings from django.conf import settings
from django.contrib.auth import BACKEND_SESSION_KEY from django.contrib.auth import BACKEND_SESSION_KEY
from django.core.cache import caches
from django.dispatch import receiver from django.dispatch import receiver
from django.utils import timezone, translation from django.utils import timezone, translation
from django.utils.functional import LazyObject from django.utils.functional import LazyObject
@ -83,11 +82,10 @@ def generate_data(username, request, login_type=None):
def create_user_session(request, user_id, instance: UserLoginLog): def create_user_session(request, user_id, instance: UserLoginLog):
session_key = request.session.session_key session_key = request.session.session_key or '-'
session_store_cls = import_module(settings.SESSION_ENGINE).SessionStore session_store_cls = import_module(settings.SESSION_ENGINE).SessionStore
session_store = session_store_cls(session_key=session_key) session_store = session_store_cls(session_key=session_key)
cache_key = session_store.cache_key ttl = session_store.get_expiry_age()
ttl = caches[settings.SESSION_CACHE_ALIAS].ttl(cache_key)
online_session_data = { online_session_data = {
'user_id': user_id, 'user_id': user_id,
@ -114,9 +112,8 @@ def on_user_auth_success(sender, user, request, login_type=None, **kwargs):
request.session['login_time'] = data['datetime'].strftime("%Y-%m-%d %H:%M:%S") request.session['login_time'] = data['datetime'].strftime("%Y-%m-%d %H:%M:%S")
data.update({'mfa': int(user.mfa_enabled), 'status': True}) data.update({'mfa': int(user.mfa_enabled), 'status': True})
instance = write_login_log(**data) instance = write_login_log(**data)
session_key = request.session.session_key
# TODO 目前只记录 web 登录的 session # TODO 目前只记录 web 登录的 session
if not session_key or instance.type != LoginTypeChoices.web: if instance.type != LoginTypeChoices.web:
return return
create_user_session(request, user.id, instance) create_user_session(request, user.id, instance)