Store the connexion method in a session variable

2020-05-17 18:50:54 +02:00 · 2020-05-17 18:50:54 +02:00 · 6a75f78541
commit 6a75f78541
parent ead851893a
5 changed files with 12 additions and 36 deletions
--- a/authens/backends.py
+++ b/authens/backends.py
@ -60,10 +60,9 @@ class ENSCASBackend:

        cas_login = self.clean_cas_login(cas_login)
        year = get_entrance_year(attributes)
-        user = self._get_or_create(cas_login, year)
-        user.cas_account.connected_to_cas = True
-        user.cas_account.save()
-        return user
+        if request:
+            request.session["CASCONNECTED"] = True
+        return self._get_or_create(cas_login, year)

    def clean_cas_login(self, cas_login):
        return cas_login.strip().lower()
--- a/authens/migrations/0002_casaccount_connected_to_cas.py
+++ b/authens/migrations/0002_casaccount_connected_to_cas.py
@ -1,18 +0,0 @@
-# Generated by Django 3.0.6 on 2020-05-17 12:23
-
-from django.db import migrations, models
-
-
-class Migration(migrations.Migration):
-
-    dependencies = [
-        ("authens", "0001_initial"),
-    ]
-
-    operations = [
-        migrations.AddField(
-            model_name="casaccount",
-            name="connected_to_cas",
-            field=models.BooleanField(default=False, editable=False),
-        ),
-    ]
--- a/authens/models.py
+++ b/authens/models.py
@ -27,11 +27,6 @@ class CASAccount(models.Model):
        verbose_name=_("année de création du compte CAS"), blank=False, null=False
    )

-    # This is True if and only if the user is connected via CAS (and not e.g. by
-    # password). This is used to decide whether to redirect to user to the CAS logout
-    # page or not when the user disconnects.
-    connected_to_cas = models.BooleanField(default=False, editable=False)
-
    class Meta:
        verbose_name = _("Compte CAS")
        verbose_name_plural = _("Comptes CAS")
--- a/authens/tests/test_views.py
+++ b/authens/tests/test_views.py
@ -38,7 +38,7 @@ class TestLogoutView(TestCase):

        # Log the user in via CAS
        client = Client()
-        client.login(ticket="dummy ticket")
+        client.get("/authens/login/cas?ticket=dummy-ticket")

        self.assertEqual(Session.objects.count(), 1)
        response = client.get("/authens/logout")
--- a/authens/views.py
+++ b/authens/views.py
@ -6,7 +6,6 @@ from django.views.generic import TemplateView, View
 from django.shortcuts import redirect
 from django.utils.translation import gettext_lazy as _

-from authens.models import CASAccount
 from authens.utils import get_cas_client


@ -85,16 +84,17 @@ class LogoutView(auth_views.LogoutView):
    logged in via CAS.
    """

-    def setup(self, *args, **kwargs):
-        super().setup(*args, **kwargs)
-        cas_account = CASAccount.objects.filter(user=self.request.user)
-        self.cas_account = cas_account.get() if cas_account.exists() else None
+    def setup(self, request):
+        super().setup(request)
+        if "CASCONNECTED" in request.session:
+            del request.session["CASCONNECTED"]
+            self.cas_connected = True
+        else:
+            self.cas_connected = False

    def get_next_page(self):
-        if self.cas_account and self.cas_account.connected_to_cas:
+        if self.cas_connected:
            cas_client = get_cas_client(self.request)
-            self.cas_account.connected_to_cas = False
-            self.cas_account.save()
            return cas_client.get_logout_url()
        else:
            return super().get_next_page()