fix: 解决OAuth2可以跳过不存在用户不允许登录的规则

pull/13361/head
jiangweidong 2024-05-30 14:58:19 +08:00 committed by Bryan
parent 0d825927e1
commit cdfb11549e
1 changed files with 2 additions and 8 deletions

View File

@ -4,7 +4,6 @@ from django.contrib import auth
from django.http import HttpResponseRedirect from django.http import HttpResponseRedirect
from django.urls import reverse from django.urls import reverse
from django.utils.http import urlencode from django.utils.http import urlencode
from django.utils.translation import gettext_lazy as _
from authentication.utils import build_absolute_uri from authentication.utils import build_absolute_uri
from authentication.views.mixins import FlashMessageMixin from authentication.views.mixins import FlashMessageMixin
@ -55,11 +54,7 @@ class OAuth2AuthCallbackView(View, FlashMessageMixin):
logger.debug(log_prompt.format('Process authenticate')) logger.debug(log_prompt.format('Process authenticate'))
user = authenticate(code=callback_params['code'], request=request) user = authenticate(code=callback_params['code'], request=request)
if err_msg := getattr(request, 'error_message', ''): if user:
login_url = reverse('authentication:login') + '?admin=1'
return self.get_failed_response(login_url, title=_('Authentication failed'), msg=err_msg)
if user and user.is_valid:
logger.debug(log_prompt.format('Login: {}'.format(user))) logger.debug(log_prompt.format('Login: {}'.format(user)))
auth.login(self.request, user) auth.login(self.request, user)
logger.debug(log_prompt.format('Redirect')) logger.debug(log_prompt.format('Redirect'))
@ -68,8 +63,7 @@ class OAuth2AuthCallbackView(View, FlashMessageMixin):
) )
logger.debug(log_prompt.format('Redirect')) logger.debug(log_prompt.format('Redirect'))
# OAuth2 服务端认证成功, 但是用户被禁用了, 这时候需要调用服务端的logout redirect_url = settings.AUTH_OAUTH2_PROVIDER_END_SESSION_ENDPOINT or '/'
redirect_url = settings.AUTH_OAUTH2_PROVIDER_END_SESSION_ENDPOINT
return HttpResponseRedirect(redirect_url) return HttpResponseRedirect(redirect_url)