Merge branch 'master' of gitlab.com:allianceauth/allianceauth into v4.x

2025-07-09 04:20:17 +02:00 · 2023-12-25 19:49:54 +10:00 · 2023-12-25 19:49:54 +10:00 · c602cf0b00
commit c602cf0b00
parent b28b51916c 3de988369f
3 changed files with 12 additions and 9 deletions
--- a/allianceauth/authentication/backends.py
+++ b/allianceauth/authentication/backends.py
@ -2,7 +2,6 @@ import logging

 from django.contrib.auth.backends import ModelBackend
 from django.contrib.auth.models import User, Permission
-from django.contrib import messages

 from .models import UserProfile, CharacterOwnership, OwnershipRecord

@ -41,9 +40,7 @@ class StateBackend(ModelBackend):
                if ownership.user.profile.main_character:
                    if ownership.user.profile.main_character.character_id == token.character_id:
                        return ownership.user
-                    else:  ## this is an alt, enforce main only.
-                        if request:
-                            messages.error("Unable to authenticate with this Character, Please log in with the main character associated with this account.")
+                    else:  # this is an alt, enforce main only.
                        return None
            else:
                logger.debug(f'{token.character_name} has changed ownership. Creating new user account.')
@ -66,9 +63,7 @@ class StateBackend(ModelBackend):
                    user = records[0].user
                    if user.profile.main_character:
                        if user.profile.main_character.character_id != token.character_id:
-                            ## this is an alt, enforce main only due to trust issues in SSO.
-                            if request:
-                                messages.error("Unable to authenticate with this Character, Please log in with the main character associated with this account. Then add this character from the dashboard.")
+                            # this is an alt, enforce main only due to trust issues in SSO.
                            return None

                    token.user = user
--- a/allianceauth/authentication/views.py
+++ b/allianceauth/authentication/views.py
@ -200,7 +200,13 @@ def sso_login(request, token):
            request.session['registration_uid'] = user.pk
            # Go to Step 2
            return redirect('registration_register')
-    messages.error(request, _('Unable to authenticate as the selected character.'))
+    # Logging in with an alt is not allowed due to security concerns.
+    token.delete()
+    messages.error(
+        request,
+        _('Unable to authenticate as the selected character. '
+        'Please log in with the main character associated with this account.')
+    )
    return redirect(settings.LOGIN_URL)


--- a/docs/installation/allianceauth.md
+++ b/docs/installation/allianceauth.md
@ -120,12 +120,14 @@ cd Python-3.11.5/
 sudo make altinstall
 ```

+:::
+::::
+
 ### Database

 It's recommended to use a database service instead of SQLite. Many options are available, but this guide will use MariaDB 10.11

 ::::{tabs}
-
 :::{group-tab} Ubuntu 2004, 2204
 Follow the instructions at <https://mariadb.org/download/?t=repo-config&d=20.04+%22focal%22&v=10.11&r_m=osuosl> to add the MariaDB repository to your host.