Evite de rediriger vers login si user CAS déjà reconnu et CAS forcé: fix #757

Emmanuel Viennet 2024-06-24 01:15:40 +02:00
parent ee050889f0
commit 08dfaeb436
2 changed files with 14 additions and 7 deletions


@ -35,9 +35,9 @@ def after_cas_login():
if user.cas_allow_login: if user.cas_allow_login:
current_app.logger.info(f"CAS: login {user.user_name}") current_app.logger.info(f"CAS: login {user.user_name}")
if login_user(user): if login_user(user):
flask.session[ flask.session["scodoc_cas_login_date"] = (
"scodoc_cas_login_date" datetime.datetime.now().isoformat()
] = datetime.datetime.now().isoformat() )
user.cas_last_login = datetime.datetime.utcnow() user.cas_last_login = datetime.datetime.utcnow()
if flask.session.get("CAS_EDT_ID"): if flask.session.get("CAS_EDT_ID"):
# essaie de récupérer l'edt_id s'il est présent # essaie de récupérer l'edt_id s'il est présent
@ -45,8 +45,10 @@ def after_cas_login():
# via l'expression `cas_edt_id_from_xml_regexp` # via l'expression `cas_edt_id_from_xml_regexp`
# voir flask_cas.routing # voir flask_cas.routing
edt_id = flask.session.get("CAS_EDT_ID") edt_id = flask.session.get("CAS_EDT_ID")
current_app.logger.info(f"""after_cas_login: storing edt_id for { current_app.logger.info(
user.user_name}: '{edt_id}'""") f"""after_cas_login: storing edt_id for {
user.user_name}: '{edt_id}'"""
)
user.edt_id = edt_id user.edt_id = edt_id
db.session.add(user) db.session.add(user)
db.session.commit() db.session.commit()
@ -55,12 +57,17 @@ def after_cas_login():
current_app.logger.info( current_app.logger.info(
f"CAS login denied for {user.user_name} (not allowed to use CAS)" f"CAS login denied for {user.user_name} (not allowed to use CAS)"
) )
else: else: # pas d'utilisateur ScoDoc ou bien compte inactif
current_app.logger.info( current_app.logger.info(
f"""CAS login denied for { f"""CAS login denied for {
user.user_name if user else "" user.user_name if user else ""
} cas_id={cas_id} (unknown or inactive)""" } cas_id={cas_id} (unknown or inactive)"""
) )
if ScoDocSiteConfig.is_cas_forced():
# Dans ce cas, pas de redirect vers la page de login pour éviter de boucler
raise ScoValueError(
"compte ScoDoc inexistant ou inactif pour cet utilisateur CAS"
)
else: else:
current_app.logger.info( current_app.logger.info(
f"""CAS attribute '{ScoDocSiteConfig.get("cas_attribute_id")}' not found ! f"""CAS attribute '{ScoDocSiteConfig.get("cas_attribute_id")}' not found !
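Review bot: The new `is_cas_forced()` guard covers only the "unknown or inactive" branch; the `cas_allow_login` refusal logged just above ("not allowed to use CAS") and the "CAS attribute ... not found" branch below still only log, so with CAS forced they presumably reach the same login redirect this commit is trying to avoid. Consider applying the same guard in those two branches, e.g. `if ScoDocSiteConfig.is_cas_forced(): raise ScoValueError("connexion CAS refusée pour ce compte")`, with whatever message fits the project. The rest of `after_cas_login`, including the redirect itself, is outside the hunk, so the fall-through is inferred from the visible branches and should be confirmed. Failing with an explicit error on every refusal path also makes denied CAS logins easier to spot in the logs than a redirect loop.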


@ -1,7 +1,7 @@
# -*- mode: python -*- # -*- mode: python -*-
# -*- coding: utf-8 -*- # -*- coding: utf-8 -*-
SCOVERSION = "9.6.980" SCOVERSION = "9.6.981"
SCONAME = "ScoDoc" SCONAME = "ScoDoc"