2016-10-28 18:25:52 +00:00
|
|
|
from django.utils.deprecation import MiddlewareMixin
|
|
|
|
|
2017-04-18 09:25:16 +00:00
|
|
|
from oidc_provider import settings
|
|
|
|
from oidc_provider.lib.utils.common import get_browser_state_or_default
|
|
|
|
|
2016-10-28 18:25:52 +00:00
|
|
|
|
|
|
|
class SessionManagementMiddleware(MiddlewareMixin):
|
|
|
|
"""
|
|
|
|
Maintain a `op_browser_state` cookie along with the `sessionid` cookie that
|
|
|
|
represents the End-User's login state at the OP. If the user is not logged
|
2017-04-18 09:25:16 +00:00
|
|
|
in then use the value of settings.OIDC_UNAUTHENTICATED_SESSION_MANAGEMENT_KEY.
|
2016-10-28 18:25:52 +00:00
|
|
|
"""
|
|
|
|
|
|
|
|
def process_response(self, request, response):
|
2017-04-18 09:25:16 +00:00
|
|
|
if settings.get('OIDC_SESSION_MANAGEMENT_ENABLE'):
|
|
|
|
response.set_cookie('op_browser_state', get_browser_state_or_default(request))
|
2016-10-28 18:25:52 +00:00
|
|
|
return response
|