0003-utils-record-auth-level-along-with-auth-event.patch
src/authentic2/utils.py | ||
---|---|---|
357 | 357 |
return nonce |
358 | 358 | |
359 | 359 | |
360 |
def record_authentication_event(request, how, nonce=None): |
|
360 |
def record_authentication_event(request, how, nonce=None, auth_level=None):
|
|
361 | 361 |
'''Record an authentication event in the session and in the database, in |
362 | 362 |
later version the database persistence can be removed''' |
363 | 363 |
from . import models |
... | ... | |
372 | 372 |
'who_id': getattr(request.user, 'pk', None), |
373 | 373 |
'how': how, |
374 | 374 |
'when': int(time.time()), |
375 | ||
376 | 375 |
} |
376 | ||
377 |
if auth_level: |
|
378 |
event['auth_level'] = auth_level |
|
379 | ||
377 | 380 |
kwargs = { |
378 | 381 |
'who': six.text_type(request.user)[:80], |
379 | 382 |
'how': how, |
... | ... | |
389 | 392 | |
390 | 393 |
def find_authentication_event(request, nonce): |
391 | 394 |
'''Find an authentication event occurring during this session and matching |
392 |
this nonce.''' |
|
395 |
this nonce. |
|
396 |
In case of multiple events (two authentication level increases for example), |
|
397 |
return the last one. |
|
398 |
''' |
|
393 | 399 |
authentication_events = request.session.get(constants.AUTHENTICATION_EVENTS_SESSION_KEY, []) |
394 |
for event in authentication_events:
|
|
400 |
for event in reversed(authentication_events):
|
|
395 | 401 |
if event.get('nonce') == nonce: |
396 | 402 |
return event |
397 | 403 |
return None |
398 |
- |