def __call__(self, request: Request): user = request.user if user: try: session_authenticated_at = request.session.get( "authenticated_at") # User was deauthenticatd in this request for some reason if session_authenticated_at: if not user.is_valid_session(session_authenticated_at): request.session.invalidate() messages.add( request, kind="error", msg= "Your have been logged out due to authentication changes.", msg_id="msg-session-invalidated") logger.info( "User log out forced due to security sensitive settings change, user %s, session id %s", user, request.session.session_id) return HTTPFound(request.application_url) except sqlalchemy.orm.exc.DetachedInstanceError: if good_reify: # pyramid_tm 2.0 raise # TODO: pyramid_tm 2.0 needed, # now temporary just kill user object instead of failing with an internal error, so that development server doesn't fail with CSS etc. resources request.user = None response = self.handler(request) return response
def __call__(self, request: Request): user = request.user if user: try: session_created_at = request.session["created_at"] if not user.is_valid_session(session_created_at): request.session.invalidate() messages.add( request, kind="error", msg= "Your have been logged out due to authentication changes. ", msg_id="msg-session-invalidated") return HTTPFound(request.application_url) except sqlalchemy.orm.exc.DetachedInstanceError: if good_reify: # pyramid_tm 2.0 raise # TODO: pyramid_tm 2.0 needed, # now temporary just kill user object instead of failing with an internal error, so that development server doesn't fail with CSS etc. resources request.user = None response = self.handler(request) return response
def __call__(self, request: Request): user = request.user if user: try: session_created_at = request.session["created_at"] if not user.is_valid_session(session_created_at): request.session.invalidate() messages.add(request, kind="error", msg="Your have been logged out due to authentication changes. ", msg_id="msg-session-invalidated") return HTTPFound(request.application_url) except sqlalchemy.orm.exc.DetachedInstanceError: # TODO: pyramid_tm 2.0 needed, # now temporary just kill user object instead of failing with an internal error, so that development server doesn't fail with CSS etc. resources request.user = None response = self.handler(request) return response