From 74e4e8f6aa3c54d9146aa2c8dfa41e8db8e04315 Mon Sep 17 00:00:00 2001 From: Jens Langhammer Date: Sat, 12 Jun 2021 17:37:32 +0200 Subject: [PATCH] core: delete real session when AuthenticatedSession is deleted Signed-off-by: Jens Langhammer --- authentik/core/signals.py | 21 ++++++++++++++++++--- 1 file changed, 18 insertions(+), 3 deletions(-) diff --git a/authentik/core/signals.py b/authentik/core/signals.py index c843d2609..daca16ce1 100644 --- a/authentik/core/signals.py +++ b/authentik/core/signals.py @@ -1,11 +1,12 @@ """authentik core signals""" -from typing import TYPE_CHECKING +from typing import TYPE_CHECKING, Type from django.contrib.auth.signals import user_logged_in, user_logged_out +from django.contrib.sessions.backends.cache import KEY_PREFIX from django.core.cache import cache from django.core.signals import Signal from django.db.models import Model -from django.db.models.signals import post_save +from django.db.models.signals import post_save, pre_delete from django.dispatch import receiver from django.http.request import HttpRequest from prometheus_client import Gauge @@ -18,7 +19,7 @@ GAUGE_MODELS = Gauge( ) if TYPE_CHECKING: - from authentik.core.models import User + from authentik.core.models import AuthenticatedSession, User @receiver(post_save) @@ -60,3 +61,17 @@ def user_logged_out_session(sender, request: HttpRequest, user: "User", **_): AuthenticatedSession.objects.filter( session_key=request.session.session_key ).delete() + + +@receiver(pre_delete) +def authenticated_session_delete( + sender: Type[Model], instance: "AuthenticatedSession", **_ +): + """Delete session when authenticated session is deleted""" + from authentik.core.models import AuthenticatedSession + + if sender != AuthenticatedSession: + return + + cache_key = f"{KEY_PREFIX}{instance.session_key}" + cache.delete(cache_key)