perf: login success to call client

2024-10-31 18:22:43 +08:00 · 2024-10-31 18:22:43 +08:00 · 2cf80e6615
parent 9a18ed631c
commit 2cf80e6615
4 changed files with 33 additions and 6 deletions
--- a/apps/authentication/views/login.py
+++ b/apps/authentication/views/login.py
@ -24,8 +24,8 @@ from django.views.decorators.debug import sensitive_post_parameters
 from django.views.generic.base import TemplateView, RedirectView
 from django.views.generic.edit import FormView

-from common.utils import FlashMessageUtil, static_or_direct, safe_next_url
 from common.const import Language
+from common.utils import FlashMessageUtil, static_or_direct, safe_next_url
 from users.utils import (
    redirect_user_first_login_or_index
 )
--- a/apps/templates/flash_message_standalone.html
+++ b/apps/templates/flash_message_standalone.html
@ -16,7 +16,7 @@
            {% if error %}
                {{ error }}
            {% else %}
-                {{ message|safe }}
+                {{ message | safe }}
            {% endif %}
            </div>
        </p>
@ -52,6 +52,7 @@
    {% else %}
        message = '{{ message|safe }}'
    {% endif %}
+    var redirect_url = '{{ redirect_url }}'

    function redirect_page() {
        if (time >= 0) {
@ -60,7 +61,7 @@
            time -= ttl;
            setTimeout(redirect_page, ttl * 1000);
        } else {
-            window.location.href = "{{ redirect_url }}";
+            window.location.href = redirect_url
        }
    }
    {% if auto_redirect %}
--- a/apps/users/models/user/_token.py
+++ b/apps/users/models/user/_token.py
@ -36,8 +36,8 @@ class TokenMixin:
        self.delete_private_token()
        return self.create_private_token()

-    def create_bearer_token(self, request=None):
-        expiration = settings.TOKEN_EXPIRATION or 3600
+    def create_bearer_token(self, request=None, age=None):
+        expiration = age or settings.TOKEN_EXPIRATION or 3600
        if request:
            remote_addr = request.META.get("REMOTE_ADDR", "")
        else:
--- a/apps/users/utils.py
+++ b/apps/users/utils.py
@ -1,6 +1,7 @@
 # ~*~ coding: utf-8 ~*~
 #
 import base64
+import json
 import logging
 import os
 import re
@ -9,9 +10,10 @@ import time
 import pyotp
 from django.conf import settings
 from django.core.cache import cache
+from django.utils.translation import gettext as _

 from common.tasks import send_mail_async
-from common.utils import reverse, get_object_or_none, ip, safe_next_url
+from common.utils import reverse, get_object_or_none, ip, safe_next_url, FlashMessageUtil
 from .models import User

 logger = logging.getLogger('jumpserver.users')
@ -45,10 +47,34 @@ def get_user_or_pre_auth_user(request):
    return user


+def get_redirect_client_url(request):
+    bearer_token, date_expired = request.user.create_bearer_token(request, age=3600*36*5)
+    data = {
+        'type': 'auth',
+        'bearer_token': bearer_token,
+        'date_expired': date_expired.timestamp()
+    }
+    buf = base64.b64encode(json.dumps(data).encode()).decode()
+    redirect_url = 'jms://{}'.format(buf)
+    message_data = {
+        'title': _('Auth success'),
+        'message': _("Redirecting to JumpServer Client"),
+        'redirect_url': redirect_url,
+        'interval': 1,
+        'has_cancel': False,
+    }
+    url = FlashMessageUtil.gen_message_url(message_data)
+    return url
+
+
 def redirect_user_first_login_or_index(request, redirect_field_name):
    url = request.POST.get(redirect_field_name)
    if not url:
        url = request.GET.get(redirect_field_name)
+
+    if url == 'client':
+        url = get_redirect_client_url(request)
+
    url = safe_next_url(url, request=request)
    # 防止 next 地址为 None
    if not url or url.lower() in ['none']: