Adds middleware.

2026-03-30 04:27:16 +02:00 · 2018-10-24 20:06:11 +00:00 · 2018-10-24 20:06:11 +00:00 · c4bd521cd1
commit c4bd521cd1
parent efef4ad0a3
1 changed files with 60 additions and 0 deletions
--- a/evennia/web/utils/middleware.py
+++ b/evennia/web/utils/middleware.py
@ -0,0 +1,60 @@
+from django.contrib.auth import authenticate, login
+from evennia.accounts.models import AccountDB
+from evennia.utils import logger
+
+class SharedLoginMiddleware(object):
+    """
+    Handle the shared login between website and webclient.
+
+    """
+    def __init__(self, get_response):
+        # One-time configuration and initialization.
+        self.get_response = get_response
+        
+    def __call__(self, request):
+        # Code to be executed for each request before
+        # the view (and later middleware) are called.
+        
+        # Process view
+        response = self.get_response(request)
+
+        # Code to be executed for each request/response after
+        # the view is called.
+        
+        # Synchronize credentials
+        self.make_shared_login(request)
+        
+        # Return processed view
+        return response
+        
+    @classmethod
+    def make_shared_login(cls, request):
+        csession = request.session
+        account = request.user
+        website_uid = csession.get("website_authenticated_uid", None)
+        webclient_uid = csession.get("webclient_authenticated_uid", None)
+    
+        if not csession.session_key:
+            # this is necessary to build the sessid key
+            csession.save()
+    
+        if account.is_authenticated():
+            # Logged into website
+            if not website_uid:
+                # fresh website login (just from login page)
+                csession["website_authenticated_uid"] = account.id
+                if webclient_uid is None:
+                    # auto-login web client
+                    csession["webclient_authenticated_uid"] = account.id
+    
+        elif webclient_uid:
+            # Not logged into website, but logged into webclient
+            if not website_uid:
+                csession["website_authenticated_uid"] = account.id
+                account = AccountDB.objects.get(id=webclient_uid)
+                try:
+                    # calls our custom authenticate, in web/utils/backend.py
+                    authenticate(autologin=account)
+                    login(request, account)
+                except AttributeError:
+                    logger.log_trace()