diff options
author | Andrea Lepori <alepori@student.ethz.ch> | 2022-04-27 21:56:26 +0200 |
---|---|---|
committer | Andrea Lepori <alepori@student.ethz.ch> | 2022-04-27 21:56:26 +0200 |
commit | ee8791a87bc42570689a74bdf5b4abec1d93344a (patch) | |
tree | e157e3baebb273f31416af9520f7db82a58a4885 /accounts/views.py | |
parent | move all items in dropdown (diff) | |
download | scout-subs-ee8791a87bc42570689a74bdf5b4abec1d93344a.tar.gz scout-subs-ee8791a87bc42570689a74bdf5b4abec1d93344a.zip |
multiuser logout support
Diffstat (limited to '')
-rw-r--r-- | accounts/views.py | 47 |
1 files changed, 46 insertions, 1 deletions
diff --git a/accounts/views.py b/accounts/views.py index 67e8911..ecaab4a 100644 --- a/accounts/views.py +++ b/accounts/views.py @@ -108,6 +108,41 @@ class CustomLoginView(LoginView): form_class = AuthForm extra_context = {'midata_enabled': MIDATA_ENABLED} + def get(self, request, *args, **kwargs): + # check auto-login is enabled + if "autologin" not in request.COOKIES: + return super(CustomLoginView, self).get(request, *args, **kwargs) + + if request.COOKIES.get("autologin") != "true": + return super(CustomLoginView, self).get(request, *args, **kwargs) + + # check if user has a cookie saved + response = HttpResponseRedirect("/") + + sessions = dict() + # no cookie + if "user_switcher" not in request.COOKIES: + return super(CustomLoginView, self).get(request, *args, **kwargs) + + sessions = json.loads(request.COOKIES.get("user_switcher")) + + # empty cookie + if len(sessions) == 0: + return super(CustomLoginView, self).get(request, *args, **kwargs) + + # pick the first username to login to + username = list(sessions.keys())[0] + + set_session_cookie(response, sessions[username][0], sessions[username][1]) + del sessions[username] + + set_switch_cookie(response, sessions) + + # disable autologin + response.set_cookie("autologin", "false") + + return response + # send to hitobito request to get token def oauth_login(request): if not MIDATA_ENABLED: @@ -260,10 +295,11 @@ def user_switcher(request): set_switch_cookie(response, sessions) response.set_cookie("sessionid", "") + response.set_cookie("autologin", "false") return response - if request.POST["metadata"][0] == 's': + elif request.POST["metadata"][0] == 's': response = HttpResponseRedirect("/") username = request.POST["metadata"][1:] @@ -281,6 +317,15 @@ def user_switcher(request): set_switch_cookie(response, sessions) + response.set_cookie("autologin", "false") + + return response + elif request.POST["metadata"] == "logout": + # send user to logout page + # on the login page we check if we have a cookie set + response = HttpResponseRedirect("/accounts/logout") + response.set_cookie("autologin", "true") + return response |