fix: 修复MFA绑定失败的问题(通过修改session中auth_backend的key实现;django.auth.get_user时校验backends路径失败返回AnonymousUser)

4 years ago · bd8a1a7d0e
2 changed files with 3 additions and 7 deletions
--- a/apps/authentication/signals_handlers.py
+++ b/apps/authentication/signals_handlers.py
@ -1,6 +1,5 @@
 from importlib import import_module

-from django.contrib.auth import BACKEND_SESSION_KEY
 from django.conf import settings
 from django.contrib.auth import user_logged_in
 from django.core.cache import cache
@ -25,17 +24,17 @@ def on_user_auth_login_success(sender, user, request, **kwargs):

@receiver(openid_user_login_success)
 def on_oidc_user_login_success(sender, request, user, create=False, **kwargs):
-    request.session[BACKEND_SESSION_KEY] = 'OIDCAuthCodeBackend'
+    request.session['auth_backend'] = settings.AUTH_BACKEND_OIDC_CODE
    post_auth_success.send(sender, user=user, request=request)


@receiver(openid_user_login_failed)
 def on_oidc_user_login_failed(sender, username, request, reason, **kwargs):
-    request.session[BACKEND_SESSION_KEY] = 'OIDCAuthCodeBackend'
+    request.session['auth_backend'] = settings.AUTH_BACKEND_OIDC_CODE
    post_auth_failed.send(sender, username=username, request=request, reason=reason)


@receiver(cas_user_authenticated)
 def on_cas_user_login_success(sender, request, user, **kwargs):
-    request.session[BACKEND_SESSION_KEY] = 'CASBackend'
+    request.session['auth_backend'] = settings.AUTH_BACKEND_CAS
    post_auth_success.send(sender, user=user, request=request)
--- a/apps/users/views/profile/otp.py
+++ b/apps/users/views/profile/otp.py
@ -51,9 +51,6 @@ class UserOtpEnableInstallAppView(TemplateView):
        return super().get_context_data(**kwargs)


-
-
-
 class UserOtpEnableBindView(AuthMixin, TemplateView, FormView):
    template_name = 'users/user_otp_enable_bind.html'
    form_class = forms.UserCheckOtpCodeForm