fix some bugs in session api and add a signal to cleanup tokens after password change
This commit is contained in:
Laura Klünder
parent
cdb14a1e2c
commit
0d8b54527c
4 changed files with 17 additions and 1 deletions
|
|
@ -4,6 +4,9 @@ from rest_framework.renderers import JSONRenderer
|
||||||
|
|
||||||
from c3nav.mapdata.utils.json import json_encoder_reindent
|
from c3nav.mapdata.utils.json import json_encoder_reindent
|
||||||
|
|
||||||
|
default_app_config = 'c3nav.api.apps.APIConfig'
|
||||||
|
|
||||||
|
|
||||||
orig_render = JSONRenderer.render
|
orig_render = JSONRenderer.render
|
||||||
|
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -32,7 +32,7 @@ class SessionViewSet(ViewSet):
|
||||||
SessionAuthentication().enforce_csrf(request)
|
SessionAuthentication().enforce_csrf(request)
|
||||||
|
|
||||||
if request.user.is_authenticated:
|
if request.user.is_authenticated:
|
||||||
return ParseError(_('Log out first.'))
|
raise ParseError(_('Log out first.'))
|
||||||
|
|
||||||
try:
|
try:
|
||||||
data = request.json_body
|
data = request.json_body
|
||||||
|
|
|
||||||
11
src/c3nav/api/apps.py
Normal file
11
src/c3nav/api/apps.py
Normal file
|
|
@ -0,0 +1,11 @@
|
||||||
|
from django.apps import AppConfig
|
||||||
|
from django.conf import settings
|
||||||
|
from django.db.models.signals import post_save
|
||||||
|
|
||||||
|
|
||||||
|
class APIConfig(AppConfig):
|
||||||
|
name = 'c3nav.api'
|
||||||
|
|
||||||
|
def ready(self):
|
||||||
|
from c3nav.api.signals import remove_tokens_on_user_save
|
||||||
|
post_save.connect(remove_tokens_on_user_save, sender=settings.AUTH_USER_MODEL)
|
||||||
2
src/c3nav/api/signals.py
Normal file
2
src/c3nav/api/signals.py
Normal file
|
|
@ -0,0 +1,2 @@
|
||||||
|
def remove_tokens_on_user_save(sender, instance, **kwargs):
|
||||||
|
instance.login_tokens.exclude(session_auth_hash=instance.get_session_auth_hash()).delete()
|
||||||
Loading…
Add table
Add a link
Reference in a new issue