fix some bugs in session api and add a signal to cleanup tokens after password change
This commit is contained in:
Laura Klünder
parent
cdb14a1e2c
commit
0d8b54527c
4 changed files with 17 additions and 1 deletions
|
|
@ -4,6 +4,9 @@ from rest_framework.renderers import JSONRenderer
|
|||
|
||||
from c3nav.mapdata.utils.json import json_encoder_reindent
|
||||
|
||||
default_app_config = 'c3nav.api.apps.APIConfig'
|
||||
|
||||
|
||||
orig_render = JSONRenderer.render
|
||||
|
||||
|
||||
|
|
|
|||
|
|
@ -32,7 +32,7 @@ class SessionViewSet(ViewSet):
|
|||
SessionAuthentication().enforce_csrf(request)
|
||||
|
||||
if request.user.is_authenticated:
|
||||
return ParseError(_('Log out first.'))
|
||||
raise ParseError(_('Log out first.'))
|
||||
|
||||
try:
|
||||
data = request.json_body
|
||||
|
|
|
|||
11
src/c3nav/api/apps.py
Normal file
11
src/c3nav/api/apps.py
Normal file
|
|
@ -0,0 +1,11 @@
|
|||
from django.apps import AppConfig
|
||||
from django.conf import settings
|
||||
from django.db.models.signals import post_save
|
||||
|
||||
|
||||
class APIConfig(AppConfig):
|
||||
name = 'c3nav.api'
|
||||
|
||||
def ready(self):
|
||||
from c3nav.api.signals import remove_tokens_on_user_save
|
||||
post_save.connect(remove_tokens_on_user_save, sender=settings.AUTH_USER_MODEL)
|
||||
2
src/c3nav/api/signals.py
Normal file
2
src/c3nav/api/signals.py
Normal file
|
|
@ -0,0 +1,2 @@
|
|||
def remove_tokens_on_user_save(sender, instance, **kwargs):
|
||||
instance.login_tokens.exclude(session_auth_hash=instance.get_session_auth_hash()).delete()
|
||||
Loading…
Add table
Add a link
Reference in a new issue