0004-utils-record-auth-level-along-with-auth-event.patch
| src/authentic2/utils.py | ||
|---|---|---|
| 357 | 357 |
return nonce |
| 358 | 358 | |
| 359 | 359 | |
| 360 |
def record_authentication_event(request, how, nonce=None): |
|
| 360 |
def record_authentication_event(request, how, nonce=None, auth_level=None):
|
|
| 361 | 361 |
'''Record an authentication event in the session and in the database, in |
| 362 | 362 |
later version the database persistence can be removed''' |
| 363 | 363 |
from . import models |
| ... | ... | |
| 372 | 372 |
'who_id': getattr(request.user, 'pk', None), |
| 373 | 373 |
'how': how, |
| 374 | 374 |
'when': int(time.time()), |
| 375 | ||
| 376 | 375 |
} |
| 376 | ||
| 377 |
if auth_level: |
|
| 378 |
event['auth_level'] = auth_level |
|
| 379 | ||
| 377 | 380 |
kwargs = {
|
| 378 | 381 |
'who': six.text_type(request.user)[:80], |
| 379 | 382 |
'how': how, |
| ... | ... | |
| 389 | 392 | |
| 390 | 393 |
def find_authentication_event(request, nonce): |
| 391 | 394 |
'''Find an authentication event occurring during this session and matching |
| 392 |
this nonce.''' |
|
| 395 |
this nonce. |
|
| 396 |
In case of multiple events (two authentication level increases for example), |
|
| 397 |
return the last one. |
|
| 398 |
''' |
|
| 393 | 399 |
authentication_events = request.session.get(constants.AUTHENTICATION_EVENTS_SESSION_KEY, []) |
| 394 |
for event in authentication_events:
|
|
| 400 |
for event in reversed(authentication_events):
|
|
| 395 | 401 |
if event.get('nonce') == nonce:
|
| 396 | 402 |
return event |
| 397 | 403 |
return None |
| 398 |
- |
|