From d198399a00baa1a22b7a64368388de47115f6d94 Mon Sep 17 00:00:00 2001 From: Bai Date: Wed, 27 May 2026 18:11:23 +0800 Subject: [PATCH] fix: third part user login many login logs --- apps/authentication/middleware.py | 29 ++++++++++++++--------------- apps/authentication/mixins.py | 7 ++++--- 2 files changed, 18 insertions(+), 18 deletions(-) diff --git a/apps/authentication/middleware.py b/apps/authentication/middleware.py index 260d58213..1abd6d486 100644 --- a/apps/authentication/middleware.py +++ b/apps/authentication/middleware.py @@ -8,9 +8,8 @@ from django.shortcuts import redirect, reverse, render from django.utils.deprecation import MiddlewareMixin from django.utils.translation import gettext as _ -from apps.authentication import mixins +from authentication import mixins from audits.signal_handlers import send_login_info_to_reviewers -from authentication.signals import post_auth_failed, post_auth_success from common.utils import gen_key_pair, gen_gm_key_pair from common.utils import get_request_ip @@ -86,9 +85,9 @@ class ThirdPartyLoginMiddleware(mixins.AuthMixin): else: error_message = getattr(e, 'msg', None) error_message = error_message or str(e) - post_auth_failed.send( - sender=self.__class__, username=request.user.username, - request=self.request, reason=error_message + self.send_auth_signal( + success=False, username=request.user.username, + reason=error_message, request=request ) auth_logout(request) context = { @@ -101,17 +100,17 @@ class ThirdPartyLoginMiddleware(mixins.AuthMixin): response = render(request, 'authentication/auth_fail_flash_message_standalone.html', context) return response else: - if not self.request.session.get('auth_confirm_required'): - post_auth_success.send( - sender=self.__class__, user=request.user, request=self.request - ) + if self.request.session.get('auth_confirm_required'): + guard_url = reverse('authentication:login-guard') + args = request.META.get('QUERY_STRING', '') + if args: + guard_url = "%s?%s" % (guard_url, args) + response = redirect(guard_url) + return response + else: + self.send_auth_signal(success=True, user=request.user, request=request) + self.request.session.pop('auth_third_party_required', '') return response - guard_url = reverse('authentication:login-guard') - args = request.META.get('QUERY_STRING', '') - if args: - guard_url = "%s?%s" % (guard_url, args) - response = redirect(guard_url) - return response finally: if request.session.get('can_send_notifications') and \ self.request.session.get('auth_notice_required'): diff --git a/apps/authentication/mixins.py b/apps/authentication/mixins.py index 16599bc48..1644b9810 100644 --- a/apps/authentication/mixins.py +++ b/apps/authentication/mixins.py @@ -731,15 +731,16 @@ class AuthMixin(CommonMixin, AuthPreCheckMixin, AuthACLMixin, AuthFaceMixin, MFA for k in keys: self.request.session.pop(k, '') - def send_auth_signal(self, success=True, user=None, username='', reason=''): + def send_auth_signal(self, success=True, user=None, username='', reason='', request=None): + request = request or self.request if success: post_auth_success.send( - sender=self.__class__, user=user, request=self.request + sender=self.__class__, user=user, request=request ) else: post_auth_failed.send( sender=self.__class__, username=username, - request=self.request, reason=reason + request=request, reason=reason ) def redirect_to_guard_view(self):