diff options
author | Matthias Runge <mrunge@redhat.com> | 2014-12-18 12:53:19 +0100 |
---|---|---|
committer | Matthias Runge <mrunge@redhat.com> | 2014-12-18 12:53:19 +0100 |
commit | 336d7a531d8fb422e3b86a46b865339b3a321902 (patch) | |
tree | 91eccf04c030fa689ca5089e43e4a1b31c442eb7 | |
parent | b1538c90fa44416109c1fa0b4eb5818f5d44cac2 (diff) | |
download | django_openstack_auth-336d7a531d8fb422e3b86a46b865339b3a321902.tar.gz |
add last_activity to session
Actually, the fix for CVE-2014-8124 included a regression, resulting
users had to log in a second time, after being logged out due to
inactivity.
Change-Id: If6a7f489058c80c969975dc0658e6f2ae979eca3
Closes-Bug: 1403037
-rw-r--r-- | openstack_auth/views.py | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/openstack_auth/views.py b/openstack_auth/views.py index 53b9ce9..cf42f50 100644 --- a/openstack_auth/views.py +++ b/openstack_auth/views.py @@ -11,6 +11,7 @@ # See the License for the specific language governing permissions and # limitations under the License. import logging +import time import django from django.conf import settings @@ -101,6 +102,7 @@ def login(request, template_name=None, extra_context=None, **kwargs): region_name = regions.get(region) request.session['region_endpoint'] = region request.session['region_name'] = region_name + request.session['last_activity'] = int(time.time()) return res |