Merge pull request #3976 from vhf/ban

Répare la déconnexion

requirements.txt

@@ -4,7 +4,7 @@ pygments==2.1.3
 python-social-auth==0.2.19
 
 # Explicit dependencies (references in code)
-Django==1.8.15
+Django==1.8.16
 django-crispy-forms==1.6.0
 django-haystack==2.4.1
 django-model-utils==2.5

zds/member/commons.py

@@ -11,7 +11,7 @@
 from django.template.defaultfilters import pluralize
 from django.utils.translation import ugettext_lazy as _
 
-from zds.member.models import Profile, TokenRegister, Ban, logout_user
+from zds.member.models import Profile, TokenRegister, Ban
 from zds.utils.mps import send_mp
 
 
@@ -308,7 +308,6 @@ def apply_sanction(self, profile, ban):
         profile.can_read = False
         profile.save()
         ban.save()
-        logout_user(profile.user.username)
 
 
 class TemporaryBanSanction(MemberSanctionState):
@@ -335,7 +334,6 @@ def apply_sanction(self, profile, ban):
         profile.can_read = False
         profile.save()
         ban.save()
-        logout_user(profile.user.username)
 
 
 class DeleteBanSanction(MemberSanctionState):

zds/member/models.py

@@ -4,9 +4,6 @@
 from django.conf import settings
 from django.db import models
 from hashlib import md5
-from django.http import HttpRequest
-from django.contrib.sessions.models import Session
-from django.contrib.auth import logout
 import os
 
 from django.contrib.auth.models import User
@@ -18,7 +15,6 @@
 from zds.member.managers import ProfileManager
 from zds.tutorialv2.models.models_database import PublishableContent, PublishedContent
 from zds.utils.models import Alert
-from importlib import import_module
 
 
 class Profile(models.Model):
@@ -512,23 +508,3 @@ class Meta:
 
     def __unicode__(self):
         return u"{0} - note : {1} ({2}) ".format(self.user.username, self.comment, self.create_at)
-
-
-def logout_user(username):
-    """
-    Logout the member.
-    :param username: the name of the user to logout.
-    """
-    now = datetime.now()
-    request = HttpRequest()
-
-    sessions = Session.objects.filter(expire_date__gt=now)
-    user = User.objects.get(username=username)
-
-    for session in sessions:
-        user_id = session.get_decoded().get('_auth_user_id')
-        if user.id == user_id:
-            engine = import_module(settings.SESSION_ENGINE)
-            request.session = engine.SessionStore(session.session_key)
-            logout(request)
-            break

zds/member/urls.py

@@ -5,7 +5,7 @@
 from zds.member.views import MemberList, MemberDetail, UpdateMember, UpdateAvatarMember, UpdatePasswordMember, \
     UpdateUsernameEmailMember, RegisterView, SendValidationEmailView, modify_karma, \
     modify_profile, settings_mini_profile, member_from_ip, tutorials, articles, settings_promote, login_view, \
-    logout_view, forgot_password, new_password, active_account, generate_token_account, unregister, warning_unregister
+    logout_view, forgot_password, new_password, activate_account, generate_token_account, unregister, warning_unregister
 
 urlpatterns = [
     # list
@@ -40,7 +40,7 @@
     url(r'^reinitialisation/$', forgot_password, name='member-forgot-password'),
     url(r'^validation/$', SendValidationEmailView.as_view(), name='send-validation-email'),
     url(r'^new_password/$', new_password, name='member-new-password'),
-    url(r'^activation/$', active_account, name='member-active-account'),
+    url(r'^activation/$', activate_account, name='member-active-account'),
     url(r'^envoi_jeton/$', generate_token_account, name='member-generate-token-account'),
     url(r'^desinscrire/valider/$', unregister, name='member-unregister'),
     url(r'^desinscrire/avertissement/$', warning_unregister, name='member-warning-unregister')

zds/member/views.py

@@ -783,34 +783,30 @@ def new_password(request):
 
 
 @https_required
-def active_account(request):
+def activate_account(request):
     """Active token for a user."""
-
     try:
         token = request.GET["token"]
     except KeyError:
         return redirect(reverse("homepage"))
     token = get_object_or_404(TokenRegister, token=token)
     usr = token.user
 
-    # User can't confirm his request if he is already activated.
-
+    # User can't confirm their request if their account is already active
     if usr.is_active:
         return render(request, "member/register/token_already_used.html")
 
-    # User can't confirm his request if it is too late.
-
+    # User can't confirm their request if it is too late.
     if datetime.now() > token.date_end:
         return render(request, "member/register/token_failed.html",
                       {"token": token})
     usr.is_active = True
     usr.save()
 
-    # send register message
-
+    # send welcome message
     bot = get_object_or_404(User, username=settings.ZDS_APP['member']['bot_account'])
     msg = render_to_string(
-        'member/messages/active_account.md',
+        'member/messages/account_activated.md',
         {
             'username': usr.username,
             'tutorials_url': settings.ZDS_APP['site']['url'] + reverse("tutorial:list"),

zds/middlewares/SetLastVisitMiddleware.py

@@ -1,20 +1,21 @@
 import datetime
+
+from django.contrib.auth import logout
+
 from zds.member.views import get_client_ip
 
 
 class SetLastVisitMiddleware(object):
-
     def process_response(self, request, response):
         # Update last visit time after request finished processing.
+        user = None
         try:
             if request.user.is_authenticated():
                 user = request.user
-            else:
-                user = None
         except:
-            user = None
+            pass
 
-        if user is not None:
+        if user:
             profile = request.user.profile
             if profile.last_visit is None:
                 profile.last_visit = datetime.datetime.now()
@@ -26,4 +27,6 @@ def process_response(self, request, response):
                     profile.last_visit = datetime.datetime.now()
                     profile.last_ip_address = get_client_ip(request)
                     profile.save()
+            if not profile.can_read:
+                logout(request)
         return response