auth: Avoid deprecated django.contrib.auth.views.logout_then_login.

It’s removed in Django 5.0.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
Anders Kaseorg 2024-04-04 15:48:57 -07:00 committed by Tim Abbott
parent a3ed41efa0
commit d8ebb2db95
2 changed files with 7 additions and 12 deletions


@ -8,10 +8,9 @@ import jwt
import orjson import orjson
from cryptography.hazmat.primitives.ciphers.aead import AESGCM from cryptography.hazmat.primitives.ciphers.aead import AESGCM
from django.conf import settings from django.conf import settings
from django.contrib.auth import authenticate from django.contrib.auth import authenticate, logout
from django.contrib.auth.views import LoginView as DjangoLoginView from django.contrib.auth.views import LoginView as DjangoLoginView
from django.contrib.auth.views import PasswordResetView as DjangoPasswordResetView from django.contrib.auth.views import PasswordResetView as DjangoPasswordResetView
from django.contrib.auth.views import logout_then_login as django_logout_then_login
from django.core.exceptions import ValidationError from django.core.exceptions import ValidationError
from django.core.validators import validate_email from django.core.validators import validate_email
from django.forms import Form from django.forms import Form
@ -1149,9 +1148,6 @@ def json_fetch_api_key(
return json_success(request, data={"api_key": api_key, "email": user_profile.delivery_email}) return json_success(request, data={"api_key": api_key, "email": user_profile.delivery_email})
logout_then_login = require_post(django_logout_then_login)
def should_do_saml_sp_initiated_logout(request: HttpRequest) -> bool: def should_do_saml_sp_initiated_logout(request: HttpRequest) -> bool:
realm = RequestNotes.get_notes(request).realm realm = RequestNotes.get_notes(request).realm
assert realm is not None assert realm is not None
@ -1173,9 +1169,10 @@ def should_do_saml_sp_initiated_logout(request: HttpRequest) -> bool:
@require_post @require_post
def logout_view(request: HttpRequest, /, **kwargs: Any) -> HttpResponse: def logout_view(request: HttpRequest) -> HttpResponse:
if not should_do_saml_sp_initiated_logout(request): if not should_do_saml_sp_initiated_logout(request):
return logout_then_login(request, **kwargs) logout(request)
return HttpResponseRedirect(settings.LOGIN_URL)
# This will first redirect to the IdP with a LogoutRequest and if successful on the IdP side, # This will first redirect to the IdP with a LogoutRequest and if successful on the IdP side,
# the user will be redirected to our SAMLResponse-handling endpoint with a success LogoutResponse, # the user will be redirected to our SAMLResponse-handling endpoint with a success LogoutResponse,


@ -37,7 +37,7 @@ import magic
import orjson import orjson
from decorator import decorator from decorator import decorator
from django.conf import settings from django.conf import settings
from django.contrib.auth import authenticate, get_backends from django.contrib.auth import authenticate, get_backends, logout
from django.contrib.auth.backends import RemoteUserBackend from django.contrib.auth.backends import RemoteUserBackend
from django.contrib.staticfiles.storage import staticfiles_storage from django.contrib.staticfiles.storage import staticfiles_storage
from django.core.exceptions import ValidationError from django.core.exceptions import ValidationError
@ -3160,8 +3160,6 @@ class SAMLSPInitiatedLogout:
Validates the LogoutResponse and logs out the user if successful, Validates the LogoutResponse and logs out the user if successful,
finishing the SP-initiated logout flow. finishing the SP-initiated logout flow.
""" """
from django.contrib.auth.views import logout_then_login as django_logout_then_login
idp = logout_response.backend.get_idp(idp_name) idp = logout_response.backend.get_idp(idp_name)
auth = logout_response.backend._create_saml_auth(idp) auth = logout_response.backend._create_saml_auth(idp)
auth.process_slo(keep_local_session=True) auth.process_slo(keep_local_session=True)
@ -3172,8 +3170,8 @@ class SAMLSPInitiatedLogout:
# They're informative but generic enough to not leak any sensitive information. # They're informative but generic enough to not leak any sensitive information.
raise JsonableError(f"LogoutResponse error: {errors}") raise JsonableError(f"LogoutResponse error: {errors}")
# We call Django's version of logout_then_login so that POST isn't required. logout(logout_response.backend.strategy.request)
return django_logout_then_login(logout_response.backend.strategy.request) return HttpResponseRedirect(settings.LOGIN_URL)
def get_external_method_dicts(realm: Optional[Realm] = None) -> List[ExternalAuthMethodDictT]: def get_external_method_dicts(realm: Optional[Realm] = None) -> List[ExternalAuthMethodDictT]:
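Review bot: The local `logout()` at the end of this method runs without the `require_post` gate that `logout_view` has, and the hunk deletes the only comment that said this was intentional. A replacement comment above the call would keep that decision visible, for example `# No POST requirement here: we are handling the IdP's LogoutResponse, and errors from process_slo() were rejected above.` The error check itself starts outside the hunk, so confirm that every failure path raises before this line is reached.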