Merge branch 'fix-orphan-tokens' into 'master'

Fix orphan tokens and remove unused messages from backends

Closes #1391

See merge request allianceauth/allianceauth!1570
Ariel Rin 2023-12-25 09:48:15 +00:00
commit 3de988369f
2 changed files with 9 additions and 8 deletions


@ -2,7 +2,6 @@ import logging
from django.contrib.auth.backends import ModelBackend from django.contrib.auth.backends import ModelBackend
from django.contrib.auth.models import User, Permission from django.contrib.auth.models import User, Permission
from django.contrib import messages
from .models import UserProfile, CharacterOwnership, OwnershipRecord from .models import UserProfile, CharacterOwnership, OwnershipRecord
@ -41,9 +40,7 @@ class StateBackend(ModelBackend):
if ownership.user.profile.main_character: if ownership.user.profile.main_character:
if ownership.user.profile.main_character.character_id == token.character_id: if ownership.user.profile.main_character.character_id == token.character_id:
return ownership.user return ownership.user
else: ## this is an alt, enforce main only. else: # this is an alt, enforce main only.
if request:
messages.error("Unable to authenticate with this Character, Please log in with the main character associated with this account.")
return None return None
else: else:
logger.debug(f'{token.character_name} has changed ownership. Creating new user account.') logger.debug(f'{token.character_name} has changed ownership. Creating new user account.')
@ -66,9 +63,7 @@ class StateBackend(ModelBackend):
user = records[0].user user = records[0].user
if user.profile.main_character: if user.profile.main_character:
if user.profile.main_character.character_id != token.character_id: if user.profile.main_character.character_id != token.character_id:
## this is an alt, enforce main only due to trust issues in SSO. # this is an alt, enforce main only due to trust issues in SSO.
if request:
messages.error("Unable to authenticate with this Character, Please log in with the main character associated with this account. Then add this character from the dashboard.")
return None return None
token.user = user token.user = user
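Review bot: Both alt-rejection branches (the `else:  # this is an alt, enforce main only.` branch in the second hunk and the `!= token.character_id` check in the third) now return None without leaving any server-side record, while the neighbouring ownership-change path does log through `logger.debug`. A line such as `logger.warning('Refusing login for alt character %s; main character required', token.character_name)` before each `return None` would give operators something to correlate when alt logins are attempted repeatedly against an account. The comment `due to trust issues in SSO` would also be more useful if it named the trust assumption it refers to. The enclosing method starts and ends outside these hunks, so whether `request` is still used after this change cannot be confirmed from here.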


@ -171,7 +171,13 @@ def sso_login(request, token):
request.session['registration_uid'] = user.pk request.session['registration_uid'] = user.pk
# Go to Step 2 # Go to Step 2
return redirect('registration_register') return redirect('registration_register')
messages.error(request, _('Unable to authenticate as the selected character.')) # Logging in with an alt is not allowed due to security concerns.
token.delete()
messages.error(
request,
_('Unable to authenticate as the selected character. '
'Please log in with the main character associated with this account.')
)
return redirect(settings.LOGIN_URL) return redirect(settings.LOGIN_URL)
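Review bot: The fall-through ending in `token.delete()` now tells every user who reaches it to log in with the main character, but the conditions that lead here are outside the hunk and the previous generic wording suggests more than one failure cause may end at this point. If other causes do reach it (an inactive account, for instance), the new message misdirects the user and the token is deleted for a reason the comment does not cover. Either confirm in the comment that an alt login is the only way to get here, or keep the generic text for the other paths. A regression test asserting that the token row no longer exists after a refused alt login would pin the orphan-token fix. sso_login's body starts outside the hunk.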