mirror of
https://github.com/janeczku/calibre-web
synced 2024-12-20 15:10:31 +00:00
Logout if logged out and don't allow to get logged in afterwards
This commit is contained in:
parent
259ac94b93
commit
a1a8a0cf29
@ -34,6 +34,7 @@ from babel.dates import format_datetime
|
|||||||
from flask import Blueprint, flash, redirect, url_for, abort, request, make_response, send_from_directory, g, Response
|
from flask import Blueprint, flash, redirect, url_for, abort, request, make_response, send_from_directory, g, Response
|
||||||
from flask_login import login_required, current_user, logout_user, confirm_login
|
from flask_login import login_required, current_user, logout_user, confirm_login
|
||||||
from flask_babel import gettext as _
|
from flask_babel import gettext as _
|
||||||
|
from flask import session as flask_session
|
||||||
from sqlalchemy import and_
|
from sqlalchemy import and_
|
||||||
from sqlalchemy.orm.attributes import flag_modified
|
from sqlalchemy.orm.attributes import flag_modified
|
||||||
from sqlalchemy.exc import IntegrityError, OperationalError, InvalidRequestError
|
from sqlalchemy.exc import IntegrityError, OperationalError, InvalidRequestError
|
||||||
@ -98,8 +99,10 @@ def admin_required(f):
|
|||||||
|
|
||||||
@admi.before_app_request
|
@admi.before_app_request
|
||||||
def before_request():
|
def before_request():
|
||||||
if current_user.is_authenticated:
|
if not ub.check_user_session(current_user.id, flask_session.get('_id')):
|
||||||
confirm_login()
|
logout_user()
|
||||||
|
# if current_user.is_authenticated:
|
||||||
|
# confirm_login()
|
||||||
g.constants = constants
|
g.constants = constants
|
||||||
g.user = current_user
|
g.user = current_user
|
||||||
g.allow_registration = config.config_public_reg
|
g.allow_registration = config.config_public_reg
|
||||||
|
20
cps/ub.py
20
cps/ub.py
@ -60,6 +60,24 @@ app_DB_path = None
|
|||||||
Base = declarative_base()
|
Base = declarative_base()
|
||||||
searched_ids = {}
|
searched_ids = {}
|
||||||
|
|
||||||
|
logged_in = dict()
|
||||||
|
|
||||||
|
def store_user_session():
|
||||||
|
if flask_session.get('_user_id', ""):
|
||||||
|
if logged_in.get(flask_session.get('_user_id', "")):
|
||||||
|
logged_in[flask_session.get('_user_id', "")].append(flask_session.get('_id', ""))
|
||||||
|
else:
|
||||||
|
logged_in[flask_session.get('_user_id', "")] = [flask_session.get('_id', "")]
|
||||||
|
log.info(flask_session.get('_id', ""))
|
||||||
|
|
||||||
|
def delete_user_session(user_id, session_key):
|
||||||
|
try:
|
||||||
|
logged_in.get(str(user_id), []).remove(session_key)
|
||||||
|
except ValueError:
|
||||||
|
pass
|
||||||
|
|
||||||
|
def check_user_session(user_id, session_key):
|
||||||
|
return session_key in logged_in.get(str(user_id), [])
|
||||||
|
|
||||||
def store_ids(result):
|
def store_ids(result):
|
||||||
ids = list()
|
ids = list()
|
||||||
@ -72,7 +90,7 @@ class UserBase:
|
|||||||
|
|
||||||
@property
|
@property
|
||||||
def is_authenticated(self):
|
def is_authenticated(self):
|
||||||
return True
|
return self.is_active
|
||||||
|
|
||||||
def _has_role(self, role_flag):
|
def _has_role(self, role_flag):
|
||||||
return constants.has_flag(self.role, role_flag)
|
return constants.has_flag(self.role, role_flag)
|
||||||
|
@ -1513,6 +1513,7 @@ def login():
|
|||||||
login_result, error = services.ldap.bind_user(form['username'], form['password'])
|
login_result, error = services.ldap.bind_user(form['username'], form['password'])
|
||||||
if login_result:
|
if login_result:
|
||||||
login_user(user, remember=bool(form.get('remember_me')))
|
login_user(user, remember=bool(form.get('remember_me')))
|
||||||
|
ub.store_user_session()
|
||||||
log.debug(u"You are now logged in as: '%s'", user.name)
|
log.debug(u"You are now logged in as: '%s'", user.name)
|
||||||
flash(_(u"you are now logged in as: '%(nickname)s'", nickname=user.name),
|
flash(_(u"you are now logged in as: '%(nickname)s'", nickname=user.name),
|
||||||
category="success")
|
category="success")
|
||||||
@ -1520,6 +1521,7 @@ def login():
|
|||||||
elif login_result is None and user and check_password_hash(str(user.password), form['password']) \
|
elif login_result is None and user and check_password_hash(str(user.password), form['password']) \
|
||||||
and user.name != "Guest":
|
and user.name != "Guest":
|
||||||
login_user(user, remember=bool(form.get('remember_me')))
|
login_user(user, remember=bool(form.get('remember_me')))
|
||||||
|
ub.store_user_session()
|
||||||
log.info("Local Fallback Login as: '%s'", user.name)
|
log.info("Local Fallback Login as: '%s'", user.name)
|
||||||
flash(_(u"Fallback Login as: '%(nickname)s', LDAP Server not reachable, or user not known",
|
flash(_(u"Fallback Login as: '%(nickname)s', LDAP Server not reachable, or user not known",
|
||||||
nickname=user.name),
|
nickname=user.name),
|
||||||
@ -1549,6 +1551,7 @@ def login():
|
|||||||
else:
|
else:
|
||||||
if user and check_password_hash(str(user.password), form['password']) and user.name != "Guest":
|
if user and check_password_hash(str(user.password), form['password']) and user.name != "Guest":
|
||||||
login_user(user, remember=bool(form.get('remember_me')))
|
login_user(user, remember=bool(form.get('remember_me')))
|
||||||
|
ub.store_user_session()
|
||||||
log.debug(u"You are now logged in as: '%s'", user.name)
|
log.debug(u"You are now logged in as: '%s'", user.name)
|
||||||
flash(_(u"You are now logged in as: '%(nickname)s'", nickname=user.name), category="success")
|
flash(_(u"You are now logged in as: '%(nickname)s'", nickname=user.name), category="success")
|
||||||
config.config_is_initial = False
|
config.config_is_initial = False
|
||||||
@ -1572,6 +1575,7 @@ def login():
|
|||||||
@login_required
|
@login_required
|
||||||
def logout():
|
def logout():
|
||||||
if current_user is not None and current_user.is_authenticated:
|
if current_user is not None and current_user.is_authenticated:
|
||||||
|
ub.delete_user_session(current_user.id, flask_session.get('_id',""))
|
||||||
logout_user()
|
logout_user()
|
||||||
if feature_support['oauth'] and (config.config_login_type == 2 or config.config_login_type == 3):
|
if feature_support['oauth'] and (config.config_login_type == 2 or config.config_login_type == 3):
|
||||||
logout_oauth_user()
|
logout_oauth_user()
|
||||||
|
Loading…
Reference in New Issue
Block a user