Commit 2d2e37a9 authored by Richard Glosner's avatar Richard Glosner

Merge branch '553-add-session-prolonging-mechanism' into 'main'

Resolve "Add session prolonging mechanism"

See merge request inject/backend!488
parents c27fc035 f48ccd61
+17 −0
from importlib import import_module

from django.conf import settings
from django.contrib.auth import SESSION_KEY
from django.contrib.auth.hashers import check_password
from django.contrib.auth.middleware import get_user
from django.contrib.auth.models import AnonymousUser
@@ -8,9 +9,13 @@ from django.contrib.sessions.backends.base import UpdateError
from django.contrib.sessions.exceptions import SessionInterrupted
from django.utils.deprecation import MiddlewareMixin
from django.utils.functional import SimpleLazyObject
from django.utils import timezone

from user.models import User

PROLONG_AFTER = 60 * 60  # Prolong session expiration after this many seconds
PROLONG_ATTR = "_last_prolonged"


class AuthenticationMiddleware(MiddlewareMixin):
    def __init__(self, get_response=None):
@@ -33,6 +38,18 @@ class AuthenticationMiddleware(MiddlewareMixin):
        request.session = self.SessionStore(session_id)
        request.user = SimpleLazyObject(lambda: get_user(request))

        now_ts = timezone.now().timestamp()
        last_prolonged = request.session.get(PROLONG_ATTR, 0)

        if (
            request.session.get(SESSION_KEY) is not None
            and now_ts - last_prolonged > PROLONG_AFTER
        ):  # checks fulfillment of non-empty session and throttling the prolonging time conditions
            request.session[PROLONG_ATTR] = now_ts
            request.session.set_expiry(
                settings.SESSION_COOKIE_AGE
            )  # Prolong session expiration (sets modified flag to True, saved in process_response)

    def process_request(self, request):
        setattr(request, "_dont_enforce_csrf_checks", True)
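Review bot: The prolonging branch in the `@@ -33,6 +38,18 @@` hunk gives authenticated sessions a sliding expiry with no absolute upper bound. Each request that arrives more than `PROLONG_AFTER` seconds after the last prolongation calls `request.session.set_expiry(settings.SESSION_COOKIE_AGE)` again, so a session that stays in use, including one whose cookie has been copied, is never forced back through login. Consider storing the login timestamp in the session when it is created and adding a third condition such as `and now_ts - request.session[CREATED_ATTR] < MAX_SESSION_LIFETIME`; both names are suggestions and do not exist in the code shown. Separately, `PROLONG_AFTER` is hard-coded in this module while `SESSION_COOKIE_AGE` lives in settings, so lowering the setting to an hour or less would let sessions expire before the first prolongation; a short comment or a startup check tying the two together would help. The enclosing method starts outside the hunk.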

+1 −1
@@ -249,7 +249,7 @@ with open(

# Authentication
AUTH_USER_MODEL = "user.User"
SESSION_COOKIE_AGE = 24 * 60 * 60  # Session validity period in seconds
SESSION_COOKIE_AGE = 6 * 60 * 60  # Session validity period in seconds
AUTHENTICATION_BACKENDS = ["aai.backend.CustomAuthBackend"]
CSRF_USE_SESSIONS = True