thirdparty
/
CybroAddons
mirror of https://github.com/CybroOdoo/CybroAddons.git
5
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

[UPDT] Session expiry updated 'restrict_logins'

pull/145/head
Ajmal JK 5 years ago
parent
1173f0d846
commit
4acab79d07
4 changed files with 72 additions and 25 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 2
      restrict_logins/__manifest__.py
  2. 27
      restrict_logins/controllers/main.py
  3. 5
      restrict_logins/doc/changelog.md
  4. 63
      restrict_logins/models/ir_http.py

2
restrict_logins/__manifest__.py
View File

@ -22,7 +22,7 @@
{ {
'name': "Restrict Concurrent User Login", 'name': "Restrict Concurrent User Login",
'version': '13.0.1.1.1', 'version': '13.0.1.1.2',
'summary': 'Restrict concurrent sessions, User force logout, Automatic session expiry', 'summary': 'Restrict concurrent sessions, User force logout, Automatic session expiry',
"description": """Restrict concurrent sessions, User force logout, Automatic session expiry, "description": """Restrict concurrent sessions, User force logout, Automatic session expiry,
restrict user login, session expiry, session, user session, force logout, restrict user login, session expiry, session, user session, force logout,

27
restrict_logins/controllers/main.py
View File

@ -57,6 +57,20 @@ def clear_session_history(u_sid, f_uid=False):
return False return False
def super_clear_all():
""" Clear all the user session histories """
path = odoo.tools.config.session_dir
store = werkzeug.contrib.sessions.FilesystemSessionStore(
path, session_class=odoo.http.OpenERPSession, renew_missing=True)
for fname in os.listdir(store.path):
path = os.path.join(store.path, fname)
try:
os.unlink(path)
except OSError:
pass
return True
class Session(main.Session): class Session(main.Session):
@http.route('/web/session/logout', type='http', auth="none") @http.route('/web/session/logout', type='http', auth="none")
def logout(self, redirect='/web'): def logout(self, redirect='/web'):
@ -81,6 +95,19 @@ class Session(main.Session):
request.session.logout(keep_db=True) request.session.logout(keep_db=True)
return werkzeug.utils.redirect(redirect, 303) return werkzeug.utils.redirect(redirect, 303)
@http.route('/super/logout_all', type='http', auth="none")
def super_logout_all(self, redirect='/web'):
""" Log out from all the sessions of all the users """
users = request.env['res.users'].with_user(1).search([])
for user in users:
# clear session session file for the user
session_cleared = super_clear_all()
if session_cleared:
# clear user session
user._clear_session()
request.session.logout(keep_db=True)
return werkzeug.utils.redirect(redirect, 303)
class Home(main.Home): class Home(main.Home):

5
restrict_logins/doc/changelog.md
View File

@ -9,3 +9,8 @@
#### Version 13.0.1.1.1 #### Version 13.0.1.1.1
#### FIX #### FIX
- Bug Fixed - Bug Fixed
#### 05.03.2020
#### Version 13.0.1.1.2
#### UPDT
- Updated

63
restrict_logins/models/ir_http.py
View File

@ -41,31 +41,46 @@ class IrHttp(models.AbstractModel):
@classmethod @classmethod
def _authenticate(cls, auth_method='user'): def _authenticate(cls, auth_method='user'):
try: try:
def _update_user(u_sid, u_now, u_exp_date, u_uid): if request.session.uid:
if u_uid and u_exp_date and u_sid and u_now: uid = request.session.uid
query = """update res_users set sid = '%s', user_pool = request.env['res.users'].with_user(
last_update = '%s',exp_date = '%s', SUPERUSER_ID).browse(uid)
logged_in = 'TRUE' where id = %s
""" % (u_sid, u_now, u_exp_date, u_uid) def _update_user(u_sid, u_now, u_exp_date, u_uid):
request.env.cr.execute(query) """ Function for updating session details for the
uid = request.session.uid corresponding user
user_pool = request.env['res.users'].with_user( """
SUPERUSER_ID).browse(uid) if u_uid and u_exp_date and u_sid and u_now:
sid = request.session.sid query = """update res_users set sid = '%s',
last_update = user_pool.last_update last_update = '%s',exp_date = '%s',
now = datetime.now() logged_in = 'TRUE' where id = %s
exp_date = datetime.now() + timedelta(minutes=45) """ % (u_sid, u_now, u_exp_date, u_uid)
# update if there is no data and user is active request.env.cr.execute(query)
if not user_pool.last_update and not user_pool.sid and \
not user_pool.logged_in: sid = request.session.sid
_update_user(sid, now, exp_date, uid) last_update = user_pool.last_update
# update sid and date if last update is above 0.5 min now = datetime.now()
if last_update: exp_date = datetime.now() + timedelta(minutes=45)
update_diff = (datetime.now() - last_update).total_seconds() / 60.0 # check that the authentication contains bus_inactivity
if uid and (update_diff > 0.5 or sid != user_pool.sid): request_params = request.params.copy()
_update_user(sid, now, exp_date, uid) if 'options' in request_params and 'bus_inactivity' in \
request_params['options']:
# update session if there is sid mismatch
if uid and user_pool.sid and sid != user_pool.sid:
_update_user(sid, now, exp_date, uid)
else:
# update if there is no session data and user is active
if not user_pool.last_update and not user_pool.sid and \
not user_pool.logged_in:
_update_user(sid, now, exp_date, uid)
# update sid and date if last update is above 0.5 min
if last_update:
update_diff = (datetime.now() -
last_update).total_seconds() / 60.0
if uid and (update_diff > 0.5 or sid != user_pool.sid):
_update_user(sid, now, exp_date, uid)
except Exception as e: except Exception as e:
_logger.info("Exception during updating user session...") _logger.info("Exception during updating user session...%s", e)
pass pass
try: try:
if request.session.uid: if request.session.uid:

Write Preview
Loading…
Cancel
Save