Received: from mail.netlandish.com (mail.netlandish.com [174.136.98.166]) by code.netlandish.com (Postfix) with ESMTP id 0679882E8D for <~petersanchez/public-inbox@lists.code.netlandish.com>; Wed, 25 Jan 2023 18:24:56 +0000 (UTC) Received-SPF: Pass (mailfrom) identity=mailfrom; client-ip=209.85.166.169; helo=mail-il1-f169.google.com; envelope-from=oscar@netlandish.com; receiver= Authentication-Results: mail.netlandish.com; dkim=pass (1024-bit key; unprotected) header.d=netlandish.com header.i=@netlandish.com header.b=HeHYabx0 Received: from mail-il1-f169.google.com (mail-il1-f169.google.com [209.85.166.169]) by mail.netlandish.com (Postfix) with ESMTP id F2DCA152FC7 for <~petersanchez/public-inbox@lists.code.netlandish.com>; Wed, 25 Jan 2023 18:24:54 +0000 (UTC) Received: by mail-il1-f169.google.com with SMTP id i17so9103602ila.9 for <~petersanchez/public-inbox@lists.code.netlandish.com>; Wed, 25 Jan 2023 10:24:54 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=netlandish.com; s=google; h=cc:to:from:date:user-agent:message-id:subject :content-transfer-encoding:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=7RcljU7MiBZ2B+5eysCEi8W8N1tgth4iqf0pxwfP8U0=; b=HeHYabx0akxheFWu19q1dUlt2ZP8abLlJm1Y8Cd6fGMeW2ITGHYH2gTul+8g7NTCSg hOxaLSvpJzAg8O7E6q/YELo4x7Y5Dtttb/m2/iJioX7vbYk42iDhJ7Y90w566W7HwSqW X/kTs5audcm0f0KarhFH4+LS4+RJauT/n+Akg= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:date:user-agent:message-id:subject :content-transfer-encoding:mime-version:x-gm-message-state:from:to :cc:subject:date:message-id:reply-to; bh=7RcljU7MiBZ2B+5eysCEi8W8N1tgth4iqf0pxwfP8U0=; b=GGDFHcSC2IEMA0PPwAy+IeE1hZQ32XereUUKltclV3Ar1zEWNmULikVQ86JlJsJGbY J/4aoQc01Kt5HwgUkgM4VJZKgiLHHsRglYrYGvKnmGRqS9aAEcLZXc+H7An7jv5iPxp0 qLglYIkUCBgc5hrkCg5R3TWd6Yqqmilrgp0LopcgLeK1ly+e+kGZrknKRz4eLvsi9729 YwpJO9p0b0DhFrZltX7CfkkxbH6s8NDqAEVlC6EJ2hUOg38ZkTGqs+PBYGCa+hNUmNv2 ASPK17EAJuBxnunyO+8BRVQwmoWLoIlp0IV6ERMX2VeHQuZz9DGnM8KbTM/QhzvzJGoK AsFA== X-Gm-Message-State: AFqh2kqjPQ4F4uZZlp0KRXoF73EkQhG7A5OvNHi6Zb70N6bUECauq2EY B5xKn/jE8Lzo+Ugdum/xkByNh3yneh/pWzR3qAo= X-Google-Smtp-Source: AMrXdXvMcQo5wnz43co2z4xQdoD8NRFYrxJApKbhXNgm4ogR08G/wYnZjN4lefrrp7hVx0H4tUYtfQ== X-Received: by 2002:a05:6e02:1a67:b0:30f:333a:7b53 with SMTP id w7-20020a056e021a6700b0030f333a7b53mr25957346ilv.9.1674671093487; Wed, 25 Jan 2023 10:24:53 -0800 (PST) Received: from oscars-mbp.lan ([181.50.236.210]) by smtp.gmail.com with ESMTPSA id p16-20020a02b390000000b003a22298d014sm1857205jan.25.2023.01.25.10.24.52 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 25 Jan 2023 10:24:53 -0800 (PST) MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Subject: [PATCH django-impersonate] Prevent redirect loop when MAX_DURATION is used - Refs #67 X-Mercurial-Node: 89fffb32473e64276ca1a114bd2291a08e078227 X-Mercurial-Series-Index: 1 X-Mercurial-Series-Total: 1 Message-Id: <89fffb32473e64276ca1.1674671086@oscars-mbp.lan> X-Mercurial-Series-Id: <89fffb32473e64276ca1.1674671086@oscars-mbp.lan> User-Agent: Mercurial-patchbomb/6.2.3 Date: Wed, 25 Jan 2023 13:24:46 -0500 From: =?iso-8859-1?q?Oscar_Cortez?= To: ~petersanchez/public-inbox@lists.code.netlandish.com Cc: peter@netlandish.com # HG changeset patch # User Oscar Cortez # Date 1674671062 18000 # Wed Jan 25 13:24:22 2023 -0500 # Node ID 89fffb32473e64276ca1a114bd2291a08e078227 # Parent 839574bf40f57622b92c34d588853645f31a9137 Prevent redirect loop when MAX_DURATION is used - Refs #67 diff --git a/impersonate/middleware.py b/impersonate/middleware.py --- a/impersonate/middleware.py +++ b/impersonate/middleware.py @@ -2,7 +2,7 @@ from datetime import datetime, timedelta from django.http import HttpResponseNotAllowed -from django.shortcuts import redirect +from django.shortcuts import redirect, reverse from django.utils import timezone from django.utils.deprecation import MiddlewareMixin from django.utils.functional import SimpleLazyObject @@ -26,6 +26,9 @@ if '_impersonate' in request.session and request.user.is_authenticated: if settings.MAX_DURATION: + if request.path == reverse('impersonate-stop'): + return + if '_impersonate_start' not in request.session: return diff --git a/impersonate/tests.py b/impersonate/tests.py --- a/impersonate/tests.py +++ b/impersonate/tests.py @@ -150,6 +150,31 @@ _impersonate_start=datetime.now(timezone.utc).timestamp() ) + @override_settings(IMPERSONATE={'MAX_DURATION': 5, 'REDIRECT_URL': '/foo/'}) + def test_impersonate_timeout_not_redirect_loop(self): + ''' Test to ensure that when MAX_DURATION is reached dont create a redirect loop. + See Issue #67 + ''' + self._impersonated_request( + _impersonate_start=datetime.now(timezone.utc).timestamp() + ) + # new request to see if the redirect to stop + request = self.factory.get('/') + request.user = self.superuser + past_time = datetime.now(timezone.utc) - timedelta(hours=1) + request.session = { + '_impersonate': self.user, + '_impersonate_start': past_time.timestamp(), + } + request = self.middleware.process_request(request) + # Check does the redirect to stop the impersonate + self.assertEqual(request.status_code, 302) + self.assertEqual(request.url, reverse('impersonate-stop')) + # Check impersonate stop redirects to the REDIRECT_URL + request = self.client.get(reverse('impersonate-stop')) + self.assertEqual(request.status_code, 302) + self.assertEqual(request.url, '/foo/') + @override_settings(IMPERSONATE={'MAX_DURATION': 3600}) def test_reject_without_start_time(self): ''' Test to ensure that requests without a start time