async def get_user(scope: Dict[str, Any]) -> Dict[str, Any]: """ Returns a user id from a channels-scope-session. If no user is retrieved, return {'id': 0}. """ # This code is basicly from channels.auth: # https://github.com/django/channels/blob/d5e81a78e96770127da79248349808b6ee6ec2a7/channels/auth.py#L16 if "session" not in scope: raise ValueError( "Cannot find session in scope. You should wrap your consumer in SessionMiddleware." ) session = scope["session"] user: Optional[Dict[str, Any]] = None try: user_id = _get_user_session_key(session) backend_path = session[BACKEND_SESSION_KEY] except KeyError: pass else: if backend_path in settings.AUTHENTICATION_BACKENDS: user = await element_cache.get_element_full_data("users/user", user_id) if user: # Verify the session session_hash = session.get(HASH_SESSION_KEY) session_hash_verified = session_hash and constant_time_compare( session_hash, user["session_auth_hash"] ) if not session_hash_verified: session.flush() user = None return user or {"id": 0}
async def get_user(scope: Dict[str, Any]) -> Dict[str, Any]: """ Returns a user id from a channels-scope-session. If no user is retrieved, return {'id': 0}. """ # This code is basicly from channels.auth: # https://github.com/django/channels/blob/d5e81a78e96770127da79248349808b6ee6ec2a7/channels/auth.py#L16 if "session" not in scope: raise ValueError( "Cannot find session in scope. You should wrap your consumer in SessionMiddleware." ) session = scope["session"] user: Optional[Dict[str, Any]] = None try: user_id = _get_user_session_key(session) backend_path = session[BACKEND_SESSION_KEY] except KeyError: pass else: if backend_path in settings.AUTHENTICATION_BACKENDS: user = await element_cache.get_element_full_data( "users/user", user_id) if user: # Verify the session session_hash = session.get(HASH_SESSION_KEY) session_hash_verified = session_hash and constant_time_compare( session_hash, user["session_auth_hash"]) if not session_hash_verified: session.flush() user = None return user or {"id": 0}
def get_user(scope): """ Return the user model instance associated with the given scope. If no user is retrieved, return an instance of `AnonymousUser`. """ if "session" not in scope: raise ValueError( "Cannot find session in scope. You should wrap your consumer in SessionMiddleware." ) user = None session = scope["session"] with scope["tenant"]: try: user_id = _get_user_session_key(session) backend_path = session[BACKEND_SESSION_KEY] except KeyError: pass else: if backend_path in settings.AUTHENTICATION_BACKENDS: backend = load_backend(backend_path) user = backend.get_user(user_id) # Verify the session if hasattr(user, "get_session_auth_hash"): session_hash = session.get(HASH_SESSION_KEY) session_hash_verified = session_hash and constant_time_compare( session_hash, user.get_session_auth_hash()) if not session_hash_verified: session.flush() user = None return user or AnonymousUser()
async def get_user( scope: Dict[str, Any]) -> Union[CollectionElement, AnonymousUser]: """ Returns a User-CollectionElement from a channels-scope-session. If no user is retrieved, return AnonymousUser. """ # This can not return None because a LazyObject can not become None # This code is basicly from channels.auth: # https://github.com/django/channels/blob/d5e81a78e96770127da79248349808b6ee6ec2a7/channels/auth.py#L16 if "session" not in scope: raise ValueError( "Cannot find session in scope. You should wrap your consumer in SessionMiddleware." ) session = scope["session"] user = None try: user_id = _get_user_session_key(session) backend_path = session[BACKEND_SESSION_KEY] except KeyError: pass else: if backend_path in settings.AUTHENTICATION_BACKENDS: user = await element_cache.get_element_full_data( "users/user", user_id) if user is not None: # Verify the session session_hash = session.get(HASH_SESSION_KEY) session_hash_verified = session_hash and constant_time_compare( session_hash, user['session_auth_hash']) if not session_hash_verified: session.flush() user = None return CollectionElement.from_values( "users/user", user_id, full_data=user) if user else AnonymousUser()