Fix reauth loops with redirect style authentication plugins (#4512)

* Test reauth with redirect style auth #4498

* Fix reauth loops with redirect style auth #4498
Felix Schäfer
2024-10-09 09:24:49 +02:00
committed by GitHub
parent 30f2e99020
commit 1dda2eb4fb
2 changed files with 18 additions and 2 deletions


@@ -94,7 +94,9 @@ def process_login(request, user, keep_logged_in):
pretix_successful_logins.inc(1) pretix_successful_logins.inc(1)
handle_login_source(user, request) handle_login_source(user, request)
auth_login(request, user) auth_login(request, user)
request.session['pretix_auth_login_time'] = int(time.time()) t = int(time.time())
request.session['pretix_auth_login_time'] = t
request.session['pretix_auth_last_used'] = t
if next_url and url_has_allowed_host_and_scheme(next_url, allowed_hosts=None): if next_url and url_has_allowed_host_and_scheme(next_url, allowed_hosts=None):
return redirect_to_url(next_url) return redirect_to_url(next_url)
return redirect('control:index') return redirect('control:index')
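Review bot: The new `request.session['pretix_auth_last_used'] = t` line has no comment explaining why the activity timestamp must be written here as well, and nothing in this hunk shows the reauth loop the commit title refers to, so a later reader may treat it as redundant with whatever normally refreshes that key. Suggest `# Refresh the activity timestamp too: a stale value carried over from an earlier session would otherwise trip the session timeout immediately after a redirect-style auth plugin finishes the login.`; that reading is taken from the commit message rather than from code visible here, so wording it as the intent of this fix rather than a description of the middleware keeps it honest. The same key name appears in the test added by this commit, so the two sides agree on the spelling. `process_login` begins before this hunk.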


@@ -41,7 +41,7 @@ from django.contrib.auth.tokens import (
PasswordResetTokenGenerator, default_token_generator, PasswordResetTokenGenerator, default_token_generator,
) )
from django.core import mail as djmail from django.core import mail as djmail
from django.test import TestCase, override_settings from django.test import RequestFactory, TestCase, override_settings
from django.utils.timezone import now from django.utils.timezone import now
from django_otp.oath import TOTP from django_otp.oath import TOTP
from django_otp.plugins.otp_totp.models import TOTPDevice from django_otp.plugins.otp_totp.models import TOTPDevice
@@ -50,6 +50,7 @@ from webauthn.authentication.verify_authentication_response import (
) )
from pretix.base.models import Organizer, Team, U2FDevice, User from pretix.base.models import Organizer, Team, U2FDevice, User
from pretix.control.views.auth import process_login
from pretix.helpers import security from pretix.helpers import security
@@ -892,6 +893,19 @@ class SessionTimeOutTest(TestCase):
response = self.client.get('/control/') response = self.client.get('/control/')
self.assertEqual(response.status_code, 302) self.assertEqual(response.status_code, 302)
def test_plugin_auth_updates_auth_last_used(self):
session = self.client.session
session['pretix_auth_long_session'] = True
session['pretix_auth_login_time'] = int(time.time()) - 3600 * 5
session['pretix_auth_last_used'] = int(time.time()) - 3600 * 3 - 60
session.save()
request = RequestFactory().get("/")
request.session = self.client.session
process_login(request, self.user, keep_logged_in=True)
assert request.session['pretix_auth_last_used'] >= int(time.time()) - 60
def test_update_session_activity(self): def test_update_session_activity(self):
t1 = int(time.time()) - 5 t1 = int(time.time()) - 5
session = self.client.session session = self.client.session
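Review bot: The new `test_plugin_auth_updates_auth_last_used` only checks `pretix_auth_last_used`, although the change under test writes both timestamps from the same `t`; adding `self.assertGreaterEqual(request.session['pretix_auth_login_time'], int(time.time()) - 60)` would pin the whole fix, and using the `self.assert*` form would match the `self.assertEqual` style the surrounding tests use instead of a bare `assert`. The three pre-seeded session values (long session flag, login time five hours back, last-used just past three hours back) are never referred to again, so a comment such as `# stale timestamps that would trigger a timeout if process_login did not refresh them` would make the setup's purpose clear. Note that `request.session = self.client.session` presumably gives `process_login` a fresh store loaded from the client's cookie rather than the object saved two lines earlier; that is fine for this assertion but worth stating if a later test continues with `self.client`. The enclosing `SessionTimeOutTest` class starts before this hunk.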