3bdb287b78
* providers/oauth2: fix amr claim not set due to login event not associated Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add sid claim Signed-off-by: Jens Langhammer <jens@goauthentik.io> * import engine only once Signed-off-by: Jens Langhammer <jens@goauthentik.io> * remove manual sid extraction from proxy, add test, make session key hashing more obvious Signed-off-by: Jens Langhammer <jens@goauthentik.io> * unrelated string fix Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix format Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>
15 lines
570 B
Python
15 lines
570 B
Python
from django.contrib.auth.signals import user_logged_out
|
|
from django.dispatch import receiver
|
|
from django.http import HttpRequest
|
|
|
|
from authentik.core.models import User
|
|
from authentik.providers.oauth2.models import AccessToken
|
|
|
|
|
|
@receiver(user_logged_out)
|
|
def user_logged_out_oauth_access_token(sender, request: HttpRequest, user: User, **_):
|
|
"""Revoke access tokens upon user logout"""
|
|
if not request.session or not request.session.session_key:
|
|
return
|
|
AccessToken.objects.filter(user=user, session__session_key=request.session.session_key).delete()
|