providers/proxy: avoid erroring on logout with session_id is None (#9119
)

* providers/proxy: avoid erroring on logout with session_id is None

Signed-off-by: Marc 'risson' Schmitt <[email protected]>

* check for session and session_key in signals

Signed-off-by: Jens Langhammer <[email protected]>

---------

Signed-off-by: Marc 'risson' Schmitt <[email protected]>
Signed-off-by: Jens Langhammer <[email protected]>
Co-authored-by: Jens Langhammer <[email protected]>
rissson and BeryJu authored Aug 7, 2024
1 parent eb1b709 commit 3401065
Showing 4 changed files with 8 additions and 0 deletions.
2 changes: 2 additions & 0 deletions authentik/core/signals.py
Expand Up @@ -52,6 +52,8 @@ def user_logged_in_session(sender, request: HttpRequest, user: User, **_):
@receiver(user_logged_out)
def user_logged_out_session(sender, request: HttpRequest, user: User, **_):
"""Delete AuthenticatedSession if it exists"""
if not request.session or not request.session.session_key:
return
AuthenticatedSession.objects.filter(session_key=request.session.session_key).delete()


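Review bot: The same two-line guard is now pasted into four `user_logged_out` receivers (here and in the `rac`, `oauth2` and `proxy` `signals.py` sections below), and all four changed files are `signals.py`, so nothing in this commit pins the sessionless-logout case with a test. A regression test that fires `user_logged_out` with a request whose `session_key` is `None` and asserts that no receiver raises would cover all four. It is also worth confirming what `not request.session` adds: stock Django session objects appear to define neither `__bool__` nor `__len__`, so unless authentik's session class differs the `session_key` test does all the work, and a request with no `session` attribute at all would still raise `AttributeError` on this line.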
2 changes: 2 additions & 0 deletions authentik/enterprise/providers/rac/signals.py
Expand Up @@ -21,6 +21,8 @@
@receiver(user_logged_out)
def user_logged_out_session(sender, request: HttpRequest, user: User, **_):
"""Disconnect any open RAC connections"""
if not request.session or not request.session.session_key:
return
layer = get_channel_layer()
async_to_sync(layer.group_send)(
RAC_CLIENT_GROUP_SESSION
2 changes: 2 additions & 0 deletions authentik/providers/oauth2/signals.py
Expand Up @@ -11,5 +11,7 @@
@receiver(user_logged_out)
def user_logged_out_oauth_access_token(sender, request: HttpRequest, user: User, **_):
"""Revoke access tokens upon user logout"""
if not request.session or not request.session.session_key:
return
hashed_session_key = sha256(request.session.session_key.encode("ascii")).hexdigest()
AccessToken.objects.filter(user=user, session_id=hashed_session_key).delete()
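Review bot: The early return in `user_logged_out_oauth_access_token` makes a skipped token revocation invisible: a logout that arrives without a session key now exits silently, where it previously would presumably have failed on `.encode`. Because the delete below filters on the hashed session key, there should be nothing session-bound to revoke in that case, but that reasoning belongs in the code, e.g. `# No session key: access tokens are bound to sha256(session_key), so nothing to revoke`. A debug-level log on this branch would also let operators see how often logout fires without a session. The same comment and log would suit the guards in the other three receivers.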
2 changes: 2 additions & 0 deletions authentik/providers/proxy/signals.py
Expand Up @@ -12,6 +12,8 @@
@receiver(user_logged_out)
def logout_proxy_revoke_direct(sender: type[User], request: HttpRequest, **_):
"""Catch logout by direct logout and forward to proxy providers"""
if not request.session or not request.session.session_key:
return
proxy_on_logout.delay(request.session.session_key)


