|
|
|
@ -11,7 +11,6 @@ from django.utils.functional import LazyObject
|
|
|
|
|
from django.utils.translation import gettext_lazy as _ |
|
|
|
|
from rest_framework.request import Request |
|
|
|
|
|
|
|
|
|
from acls.const import ActionChoices |
|
|
|
|
from acls.models import LoginACL |
|
|
|
|
from acls.notifications import UserLoginReminderMsg |
|
|
|
|
from audits.models import UserLoginLog |
|
|
|
@ -85,6 +84,9 @@ def generate_data(username, request, login_type=None):
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def create_user_session(request, user_id, instance: UserLoginLog): |
|
|
|
|
# TODO 目前只记录 web 登录的 session |
|
|
|
|
if instance.type != LoginTypeChoices.web: |
|
|
|
|
return |
|
|
|
|
session_key = request.session.session_key or '-' |
|
|
|
|
session_store_cls = import_module(settings.SESSION_ENGINE).SessionStore |
|
|
|
|
session_store = session_store_cls(session_key=session_key) |
|
|
|
@ -102,10 +104,21 @@ def create_user_session(request, user_id, instance: UserLoginLog):
|
|
|
|
|
'date_expired': instance.datetime + timedelta(seconds=ttl), |
|
|
|
|
} |
|
|
|
|
user_session = UserSession.objects.create(**online_session_data) |
|
|
|
|
request.session['user_session_id'] = user_session.id |
|
|
|
|
request.session['user_session_id'] = str(user_session.id) |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def send_login_info_to_reviewers(instance: UserLoginLog | str, auth_acl_id): |
|
|
|
|
if isinstance(instance, str): |
|
|
|
|
instance = UserLoginLog.objects.filter(id=instance).first() |
|
|
|
|
|
|
|
|
|
if not instance: |
|
|
|
|
return |
|
|
|
|
|
|
|
|
|
acl = LoginACL.objects.filter(id=auth_acl_id).first() |
|
|
|
|
if not acl or not acl.reviewers.exists(): |
|
|
|
|
return |
|
|
|
|
|
|
|
|
|
def send_login_info_to_reviewers(instance: UserLoginLog, reviewers): |
|
|
|
|
reviewers = acl.reviewers.all() |
|
|
|
|
for reviewer in reviewers: |
|
|
|
|
UserLoginReminderMsg(reviewer, instance).publish_async() |
|
|
|
|
|
|
|
|
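Review bot: The ACL lookup in the new `send_login_info_to_reviewers` is `LoginACL.objects.filter(id=auth_acl_id).first()`, without the `action=ActionChoices.notice` condition that the caller's lookup carried before this commit. Any LoginACL id stored in the session as `auth_acl_id` would then have its reviewers messaged regardless of the ACL's action; whether other actions can reach this path is not visible here. If the restriction is still wanted, keep it in the helper: `acl = LoginACL.objects.filter(id=auth_acl_id, action=ActionChoices.notice).first()`, which also needs the `ActionChoices` import that the first hunk appears to drop. A one-line docstring would help too, e.g. `"""Notify the reviewers of the login ACL; instance may be a UserLoginLog or its id, and a missing log or ACL is a silent no-op."""`.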
@ -119,22 +132,15 @@ def on_user_auth_success(sender, user, request, login_type=None, **kwargs):
|
|
|
|
|
data.update({'mfa': int(user.mfa_enabled), 'status': True}) |
|
|
|
|
instance = write_login_log(**data) |
|
|
|
|
|
|
|
|
|
# TODO 目前只记录 web 登录的 session |
|
|
|
|
if instance.type != LoginTypeChoices.web: |
|
|
|
|
return |
|
|
|
|
create_user_session(request, user.id, instance) |
|
|
|
|
|
|
|
|
|
request.session['user_log_id'] = str(instance.id) |
|
|
|
|
request.session['can_send_notifications'] = True |
|
|
|
|
auth_notice_required = request.session.get('auth_notice_required') |
|
|
|
|
if not auth_notice_required: |
|
|
|
|
return |
|
|
|
|
|
|
|
|
|
auth_acl_id = request.session.get('auth_acl_id') |
|
|
|
|
acl = LoginACL.objects.filter(id=auth_acl_id, action=ActionChoices.notice).first() |
|
|
|
|
if not acl or not acl.reviewers.exists(): |
|
|
|
|
return |
|
|
|
|
|
|
|
|
|
reviewers = acl.reviewers.all() |
|
|
|
|
send_login_info_to_reviewers(instance, reviewers) |
|
|
|
|
send_login_info_to_reviewers(instance, auth_acl_id) |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
@receiver(post_auth_failed) |
|
|
|
|
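Review bot: With the web-only early return gone from `on_user_auth_success`, everything after `create_user_session(request, user.id, instance)` — the `user_log_id` and `can_send_notifications` session writes and the reviewer notification — now appears to run for every login type rather than only `LoginTypeChoices.web`. If that widening is intended, state it next to the call, for example `# only web logins get a UserSession (see create_user_session); reviewer notices go out for all login types`. `request.session['can_send_notifications'] = True` is set unconditionally and nothing in this hunk reads it, so a short comment naming its consumer and when it is cleared would make the flag auditable. The function body starts above the hunk, so earlier handling of `request.session` is not visible from here.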