external/aurweb
0
0
Fork 0
mirror of https://gitlab.archlinux.org/archlinux/aurweb.git synced 2025-02-03 10:43:03 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

fix: remove sessions of suspended users

Browse source 
Fixes: #394

Signed-off-by: Leonidas Spyropoulos <artafinde@archlinux.org>
This commit is contained in:
Leonidas Spyropoulos 2022-09-23 13:31:50 +01:00
parent 30e72d2db5
commit 0dddaeeb98
No known key found for this signature in database
GPG key ID: 59E43E106B247368
3 changed files with 80 additions and 8 deletions
Download patch file Download diff file Expand all files Collapse all files

16
aurweb/users/update.py
View file

@ -134,3 +134,19 @@ def password(
# If the target user is the request user, login with
# the updated password to update the Session record.
user.login(request, P, cookies.timeout(remember_me))
@db.retry_deadlock
def suspend(
S: bool = False,
request: Request = None,
user: models.User = None,
context: dict[str, Any] = {},
**kwargs,
) -> None:
if S and user.session:
context["S"] = None
with db.begin():
db.delete_all(
db.query(models.Session).filter(models.Session.UsersID == user.ID)
)