Source code for evennia.web.utils.middleware

from django.contrib.auth import authenticate, login

from evennia.accounts.models import AccountDB
from evennia.utils import ip_from_request, logger


[docs]class OriginIpMiddleware: """ This Django Middleware simply sets the request.origin_ip attribute to what is respected by the Evennia Server, taking into account settings.UPSTREAM_IPS. """
[docs] def __init__(self, get_response): self.get_response = get_response
def __call__(self, request): request.origin_ip = ip_from_request(request) return self.get_response(request)
[docs]class SharedLoginMiddleware(object): """ Handle the shared login between website and webclient. """
[docs] def __init__(self, get_response): # One-time configuration and initialization. self.get_response = get_response
def __call__(self, request): # Code to be executed for each request before # the view (and later middleware) are called. # Synchronize credentials between webclient and website # Must be performed *before* rendering the view (issue #1723) self.make_shared_login(request) # Process view response = self.get_response(request) # Code to be executed for each request/response after # the view is called. # Return processed view return response
[docs] @classmethod def make_shared_login(cls, request): csession = request.session account = request.user website_uid = csession.get("website_authenticated_uid", None) webclient_uid = csession.get("webclient_authenticated_uid", None) if not csession.session_key: # this is necessary to build the sessid key csession.save() if account.is_authenticated: # Logged into website if website_uid is None: # fresh website login (just from login page) csession["website_authenticated_uid"] = account.id if webclient_uid is None: # auto-login web client csession["webclient_authenticated_uid"] = account.id elif webclient_uid: # Not logged into website, but logged into webclient if website_uid is None: csession["website_authenticated_uid"] = account.id account = AccountDB.objects.get(id=webclient_uid) try: # calls our custom authenticate, in web/utils/backend.py authenticate(autologin=account) login(request, account) except AttributeError: logger.log_trace() if csession.get("webclient_authenticated_uid", None): # set a nonce to prevent the webclient from erasing the webclient_authenticated_uid value csession["webclient_authenticated_nonce"] = ( csession.get("webclient_authenticated_nonce", 0) + 1 ) # wrap around to prevent integer overflows if csession["webclient_authenticated_nonce"] > 32: csession["webclient_authenticated_nonce"] = 0