external/aurweb
0
0
Fork 0
mirror of https://gitlab.archlinux.org/archlinux/aurweb.git synced 2025-02-03 10:43:03 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

SSO: Port account suspension

Browse source 
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
This commit is contained in:
Frédéric Mangano-Tarumi 2020-07-20 16:25:22 +02:00 committed by Lukas Fleischer
parent 0e08b151e5
commit e323156947
1 changed files with 10 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
aurweb/routers/sso.py
View file

@ -41,11 +41,20 @@ async def login(request: Request):
return await oauth.sso.authorize_redirect(request, redirect_uri, prompt="login") return await oauth.sso.authorize_redirect(request, redirect_uri, prompt="login")
def is_account_suspended(conn, user_id):
row = conn.execute(select([Users.c.Suspended]).where(Users.c.ID == user_id)).fetchone()
return row is not None and bool(row[0])
def open_session(conn, user_id): def open_session(conn, user_id):
""" """
Create a new user session into the database. Return its SID. Create a new user session into the database. Return its SID.
""" """
# TODO check for account suspension # TODO Handle translations.
if is_account_suspended(conn, user_id):
raise HTTPException(status_code=403, detail='Account suspended')
# TODO This is a terrible message because it could imply the attempt at
# logging in just caused the suspension.
# TODO apply [options] max_sessions_per_user # TODO apply [options] max_sessions_per_user
sid = uuid.uuid4().hex sid = uuid.uuid4().hex
conn.execute(Sessions.insert().values( conn.execute(Sessions.insert().values(