xuyue/OnlineJudge
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

tiny work

Browse Source
This commit is contained in:
virusdefender
2017-10-02 04:33:43 +08:00
parent 9990cf647a
commit edb32eaf7b
6 changed files with 21 additions and 50 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
account/middleware.py
View File

@@ -10,22 +10,11 @@ from django.utils.deprecation import MiddlewareMixin
from utils.api import JSONResponse
class SessionSecurityMiddleware(MiddlewareMixin):
def process_request(self, request):
if request.user.is_authenticated():
if "last_activity" in request.session and request.user.is_admin_role():
# 24 hours passed since last visit, 86400 = 24 * 60 * 60
if time.time() - request.session["last_activity"] >= 86400:
auth.logout(request)
return JSONResponse.response({"error": "login-required", "data": _("Please login in first")})
request.session["last_activity"] = time.time()
class SessionRecordMiddleware(MiddlewareMixin):
def process_request(self, request):
if request.user.is_authenticated():
session = request.session
ip = request.META.get("REMOTE_ADDR", "")
ip = request.META.get("HTTP_X_REAL_IP", "UNKNOWN IP")
user_agent = request.META.get("HTTP_USER_AGENT", "")
_ip = session.setdefault("ip", ip)
_user_agent = session.setdefault("user_agent", user_agent)
@@ -42,13 +31,7 @@ class AdminRoleRequiredMiddleware(MiddlewareMixin):
path = request.path_info
if path.startswith("/admin/") or path.startswith("/api/admin/"):
if not (request.user.is_authenticated() and request.user.is_admin_role()):
return JSONResponse.response({"error": "login-required", "data": _("Please login in first")})
class TimezoneMiddleware(MiddlewareMixin):
def process_request(self, request):
if request.user.is_authenticated():
timezone.activate(pytz.timezone(request.user.userprofile.time_zone))
return JSONResponse.response({"error": "login-required", "data": "Please login in first"})
class LogSqlMiddleware(MiddlewareMixin):

1
account/views/oj.py
View File

@@ -357,7 +357,6 @@ class SessionManagementAPI(APIView):
def get(self, request):
engine = import_module(settings.SESSION_ENGINE)
SessionStore = engine.SessionStore
current_session = request.COOKIES.get(settings.SESSION_COOKIE_NAME)
current_session = request.session.session_key
session_keys = request.user.session_keys
result = []