Add some logging and only permit backend CAS auth if the user is not already authenticated

2016-07-04 22:54:15 +02:00
parent 624f2f48ed
commit 6b3b280d31
3 changed files with 31 additions and 2 deletions
--- a/cas_server/federate.py
+++ b/cas_server/federate.py
@ -16,11 +16,14 @@ from django.db import IntegrityError
 from .cas import CASClient
 from .models import FederatedUser, FederateSLO, User

+import logging
 from importlib import import_module
 from six.moves import urllib

 SessionStore = import_module(settings.SESSION_ENGINE).SessionStore

+logger = logging.getLogger(__name__)
+

 class CASFederateValidateUser(object):
    """Class CAS client used to authenticate the user again a CAS provider"""
@ -88,6 +91,12 @@ class CASFederateValidateUser(object):
            slos = []
        for slo in slos:
            for federate_slo in FederateSLO.objects.filter(ticket=slo.text):
+                logger.info(
+                    "Got an SLO requests for ticket %s, logging out user %s" % (
+                        federate_slo.username,
+                        federate_slo.ticket
+                    )
+                )
                session = SessionStore(session_key=federate_slo.session_key)
                session.flush()
                try: