CGM_Public/pretix_original
2
0
Fork 1
mirror of https://github.com/pretix/pretix.git synced 2026-05-04 15:04:03 +00:00
Code Issues Packages Projects Releases Wiki Activity

[SECURITY] Enforce session validation on oauth authorize endpoint

Browse Source
This commit is contained in:
Raphael Michel
2023-03-06 11:52:01 +01:00
parent 9bed40fa09
commit 926d334b10
5 changed files with 152 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
src/pretix/api/views/oauth.py
View File

@@ -34,6 +34,7 @@ from oauth2_provider.views import (
from pretix.api.models import OAuthApplication
from pretix.base.models import Organizer
from pretix.control.views.user import RecentAuthenticationRequiredMixin
logger = logging.getLogger(__name__)
@@ -54,7 +55,7 @@ class OAuthAllowForm(AllowForm):
del self.fields['organizers']
class AuthorizationView(BaseAuthorizationView):
class AuthorizationView(RecentAuthenticationRequiredMixin, BaseAuthorizationView):
template_name = "pretixcontrol/auth/oauth_authorization.html"
form_class = OAuthAllowForm