diff --git a/evennia/web/utils/middleware.py b/evennia/web/utils/middleware.py new file mode 100644 index 0000000000..3a60c3ca4f --- /dev/null +++ b/evennia/web/utils/middleware.py @@ -0,0 +1,60 @@ +from django.contrib.auth import authenticate, login +from evennia.accounts.models import AccountDB +from evennia.utils import logger + +class SharedLoginMiddleware(object): + """ + Handle the shared login between website and webclient. + + """ + def __init__(self, get_response): + # One-time configuration and initialization. + self.get_response = get_response + + def __call__(self, request): + # Code to be executed for each request before + # the view (and later middleware) are called. + + # Process view + response = self.get_response(request) + + # Code to be executed for each request/response after + # the view is called. + + # Synchronize credentials + self.make_shared_login(request) + + # Return processed view + return response + + @classmethod + def make_shared_login(cls, request): + csession = request.session + account = request.user + website_uid = csession.get("website_authenticated_uid", None) + webclient_uid = csession.get("webclient_authenticated_uid", None) + + if not csession.session_key: + # this is necessary to build the sessid key + csession.save() + + if account.is_authenticated(): + # Logged into website + if not website_uid: + # fresh website login (just from login page) + csession["website_authenticated_uid"] = account.id + if webclient_uid is None: + # auto-login web client + csession["webclient_authenticated_uid"] = account.id + + elif webclient_uid: + # Not logged into website, but logged into webclient + if not website_uid: + csession["website_authenticated_uid"] = account.id + account = AccountDB.objects.get(id=webclient_uid) + try: + # calls our custom authenticate, in web/utils/backend.py + authenticate(autologin=account) + login(request, account) + except AttributeError: + logger.log_trace() \ No newline at end of file