def migrate_sessions(apps: Apps, schema_editor: BaseDatabaseSchemaEditor):
db_alias = schema_editor.connection.alias
from django.contrib.sessions.backends.cache import KEY_PREFIX, SessionStore
from django.core.cache import cache
AuthenticatedSession = apps.get_model("authentik_core", "AuthenticatedSession")
User = apps.get_model("authentik_core", "user")
session_keys = cache.keys(KEY_PREFIX + "*")
for key in session_keys:
key = key.replace(KEY_PREFIX, "")
store = SessionStore(key)
data = store.load()
if data == {} or "_auth_user_id" not in data:
continue
if (
AuthenticatedSession.objects.using(db_alias)
.filter(session_key=key)
.exists()
):
continue
users = User.objects.using(db_alias).filter(pk=data.get("_auth_user_id"))
if not users.exists():
continue
AuthenticatedSession.objects.using(db_alias).create(
session_key=key,
user=users.first(),
expires=data.get("_session_expiry", now()),
)
def checkSessionToken(request):
"""
验证sessionToken
"""
session_key = request.COOKIES.get('sid', None)
session = SessionStore(session_key)
session_data = session.load()
if session_data.get('stoken', None):
session.delete()
else:
raise InvestError(3008)
