apps/djangosaml2_overwrites: add account logout view to allowed urls …

…during saml signup to allow aborting the signup fixes #6
liqd · Jun 13, 2024 · 8c8f2b3 · 8c8f2b3
1 parent e2ace53
commit 8c8f2b3
Show file tree

Hide file tree

Showing 2 changed files with 14 additions and 10 deletions.
diff --git a/apps/djangosaml2_overwrites/middlewares.py b/apps/djangosaml2_overwrites/middlewares.py
@@ -13,21 +13,21 @@ def __call__(self, request):
 
     def process_view(self, request, view_func, view_args, view_kwargs):
         if request.user.is_authenticated:
-            email = EmailAddress.objects.get(user=request.user,
-                                             email=request.user.email)
+            email = EmailAddress.objects.get(
+                user=request.user, email=request.user.email
+            )
             if not email.verified:
                 path = request.path
                 view = request.resolver_match.view_name
 
                 allowed_paths = [
-                    reverse('saml2_signup'),
-                    reverse('saml2_logout'),
-                    reverse('set_language'),
-                    reverse('javascript-catalog')
-                ]
-                allowed_views = [
-                    'wagtail_serve'
+                    reverse("account_logout"),
+                    reverse("saml2_signup"),
+                    reverse("saml2_logout"),
+                    reverse("set_language"),
+                    reverse("javascript-catalog"),
                 ]
+                allowed_views = ["wagtail_serve"]
 
                 if path not in allowed_paths and view not in allowed_views:
-                    return redirect(reverse('saml2_signup') + "?next=" + path)
+                    return redirect(reverse("saml2_signup") + "?next=" + path)
diff --git a/changelog/_1112.md b/changelog/_1112.md
@@ -0,0 +1,4 @@
+### Fixed
+
+- add account logout view to allowed urls during saml signup. Fixes aborting
+  the saml signup not being possible (#6).