core: check if session is authenticated before showing linked message

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
Jens Langhammer 2022-10-26 00:30:42 +02:00
parent dd65862bf2
commit 6b35d0c70b

View file

@ -180,7 +180,7 @@ class SourceFlowManager:
action, connection = self.get_action(**kwargs) action, connection = self.get_action(**kwargs)
except IntegrityError as exc: except IntegrityError as exc:
self._logger.warning("failed to get action", exc=exc) self._logger.warning("failed to get action", exc=exc)
return redirect("/") return redirect(reverse("authentik_core:root-redirect"))
self._logger.debug("get_action", action=action, connection=connection) self._logger.debug("get_action", action=action, connection=connection)
try: try:
if connection: if connection:
@ -228,7 +228,7 @@ class SourceFlowManager:
] ]
return [] return []
def _handle_login_flow( def _prepare_flow(
self, self,
flow: Flow, flow: Flow,
connection: UserSourceConnection, connection: UserSourceConnection,
@ -279,7 +279,7 @@ class SourceFlowManager:
) -> HttpResponse: ) -> HttpResponse:
"""Login user and redirect.""" """Login user and redirect."""
flow_kwargs = {PLAN_CONTEXT_PENDING_USER: connection.user} flow_kwargs = {PLAN_CONTEXT_PENDING_USER: connection.user}
return self._handle_login_flow( return self._prepare_flow(
self.source.authentication_flow, self.source.authentication_flow,
connection, connection,
stages=[ stages=[
@ -302,6 +302,9 @@ class SourceFlowManager:
) -> HttpResponse: ) -> HttpResponse:
"""Handler when the user was already authenticated and linked an external source """Handler when the user was already authenticated and linked an external source
to their account.""" to their account."""
# When request isn't authenticated we jump straight to auth
if not self.request.user.is_authenticated:
return self.handle_auth(connection)
# Connection has already been saved # Connection has already been saved
Event.new( Event.new(
EventAction.SOURCE_LINKED, EventAction.SOURCE_LINKED,
@ -312,9 +315,6 @@ class SourceFlowManager:
self.request, self.request,
_("Successfully linked %(source)s!" % {"source": self.source.name}), _("Successfully linked %(source)s!" % {"source": self.source.name}),
) )
# When request isn't authenticated we jump straight to auth
if not self.request.user.is_authenticated:
return self.handle_auth(connection)
return redirect( return redirect(
reverse( reverse(
"authentik_core:if-user", "authentik_core:if-user",
@ -334,7 +334,7 @@ class SourceFlowManager:
self.request, self.request,
_("Source is not configured for enrollment."), _("Source is not configured for enrollment."),
) )
return self._handle_login_flow( return self._prepare_flow(
self.source.enrollment_flow, self.source.enrollment_flow,
connection, connection,
stages=[ stages=[