From 8c8f2b3c0631c3a53f522cfe950178d57bfcddfb Mon Sep 17 00:00:00 2001 From: Julian Dehm Date: Thu, 13 Jun 2024 10:36:46 +0200 Subject: [PATCH] apps/djangosaml2_overwrites: add account logout view to allowed urls during saml signup to allow aborting the signup fixes #6 --- apps/djangosaml2_overwrites/middlewares.py | 20 ++++++++++---------- changelog/_1112.md | 4 ++++ 2 files changed, 14 insertions(+), 10 deletions(-) create mode 100644 changelog/_1112.md diff --git a/apps/djangosaml2_overwrites/middlewares.py b/apps/djangosaml2_overwrites/middlewares.py index 2d88b5033..9cffc67d6 100644 --- a/apps/djangosaml2_overwrites/middlewares.py +++ b/apps/djangosaml2_overwrites/middlewares.py @@ -13,21 +13,21 @@ def __call__(self, request): def process_view(self, request, view_func, view_args, view_kwargs): if request.user.is_authenticated: - email = EmailAddress.objects.get(user=request.user, - email=request.user.email) + email = EmailAddress.objects.get( + user=request.user, email=request.user.email + ) if not email.verified: path = request.path view = request.resolver_match.view_name allowed_paths = [ - reverse('saml2_signup'), - reverse('saml2_logout'), - reverse('set_language'), - reverse('javascript-catalog') - ] - allowed_views = [ - 'wagtail_serve' + reverse("account_logout"), + reverse("saml2_signup"), + reverse("saml2_logout"), + reverse("set_language"), + reverse("javascript-catalog"), ] + allowed_views = ["wagtail_serve"] if path not in allowed_paths and view not in allowed_views: - return redirect(reverse('saml2_signup') + "?next=" + path) + return redirect(reverse("saml2_signup") + "?next=" + path) diff --git a/changelog/_1112.md b/changelog/_1112.md new file mode 100644 index 000000000..87f33c103 --- /dev/null +++ b/changelog/_1112.md @@ -0,0 +1,4 @@ +### Fixed + +- add account logout view to allowed urls during saml signup. Fixes aborting + the saml signup not being possible (#6).