diff --git a/src/backend/InvenTree/InvenTree/settings.py b/src/backend/InvenTree/InvenTree/settings.py index 743d4b8961..5e8909b8d9 100644 --- a/src/backend/InvenTree/InvenTree/settings.py +++ b/src/backend/InvenTree/InvenTree/settings.py @@ -204,6 +204,7 @@ INSTALLED_APPS = [ # Core django modules 'django.contrib.auth', 'django.contrib.contenttypes', + 'django.contrib.sessions', 'django.contrib.humanize', 'whitenoise.runserver_nostatic', 'django.contrib.messages', @@ -246,6 +247,7 @@ MIDDLEWARE = CONFIG.get( [ 'django.middleware.security.SecurityMiddleware', 'x_forwarded_for.middleware.XForwardedForMiddleware', + 'django.contrib.sessions.middleware.SessionMiddleware', 'allauth.usersessions.middleware.UserSessionsMiddleware', # DB user sessions 'django.middleware.locale.LocaleMiddleware', 'django.middleware.csrf.CsrfViewMiddleware', @@ -812,13 +814,7 @@ if GLOBAL_CACHE_ENABLED: # pragma: no cover # as well Q_CLUSTER['django_redis'] = 'worker' -# database user sessions -SESSION_ENGINE = 'user_sessions.backends.db' -LOGOUT_REDIRECT_URL = get_setting( - 'INVENTREE_LOGOUT_REDIRECT_URL', 'logout_redirect_url', 'index' -) - -SILENCED_SYSTEM_CHECKS = ['admin.E410', 'templates.E003', 'templates.W003'] +SILENCED_SYSTEM_CHECKS = ['templates.E003', 'templates.W003'] # Password validation # https://docs.djangoproject.com/en/1.10/ref/settings/#auth-password-validators diff --git a/src/backend/InvenTree/InvenTree/urls.py b/src/backend/InvenTree/InvenTree/urls.py index 10c0790178..accca0a7e1 100644 --- a/src/backend/InvenTree/InvenTree/urls.py +++ b/src/backend/InvenTree/InvenTree/urls.py @@ -49,8 +49,6 @@ from .views import ( CustomEmailView, CustomLoginView, CustomPasswordResetFromKeyView, - CustomSessionDeleteOtherView, - CustomSessionDeleteView, DatabaseStatsView, DynamicJsView, EditUserView, @@ -357,17 +355,6 @@ classic_frontendpatterns = [ path('settings/', include(settings_urls)), path('about/', AboutView.as_view(), name='about'), path('stats/', DatabaseStatsView.as_view(), name='stats'), - # DB user sessions - path( - 'accounts/sessions/other/delete/', - view=CustomSessionDeleteOtherView.as_view(), - name='session_delete_other', - ), - re_path( - r'^accounts/sessions/(?P\w+)/delete/$', - view=CustomSessionDeleteView.as_view(), - name='session_delete', - ), # Single Sign On / allauth # overrides of urlpatterns path('accounts/email/', CustomEmailView.as_view(), name='account_email'), diff --git a/src/backend/InvenTree/InvenTree/views.py b/src/backend/InvenTree/InvenTree/views.py index 931520a40f..557db269c1 100644 --- a/src/backend/InvenTree/InvenTree/views.py +++ b/src/backend/InvenTree/InvenTree/views.py @@ -4,9 +4,7 @@ In particular these views provide base functionality for rendering Django forms as JSON objects and passing them to modal forms (using jQuery / bootstrap). """ -from django.contrib.auth import password_validation from django.contrib.auth.mixins import LoginRequiredMixin, PermissionRequiredMixin -from django.core.exceptions import ValidationError from django.http import HttpResponse, HttpResponseRedirect, JsonResponse from django.shortcuts import redirect from django.template.loader import render_to_string @@ -23,14 +21,13 @@ from allauth.account.views import EmailView, LoginView, PasswordResetFromKeyView from allauth.socialaccount.forms import DisconnectForm from allauth.socialaccount.views import ConnectionsView from djmoney.contrib.exchange.models import ExchangeBackend, Rate -from user_sessions.views import SessionDeleteOtherView, SessionDeleteView import common.currency import common.models as common_models from part.models import PartCategory from users.models import RuleSet, check_user_role -from .forms import EditUserForm, SetPasswordForm +from .forms import EditUserForm from .helpers import is_ajax, remove_non_printable_characters, strip_html_tags @@ -515,26 +512,6 @@ class CustomPasswordResetFromKeyView(PasswordResetFromKeyView): success_url = reverse_lazy('account_login') -class UserSessionOverride: - """Overrides sucessurl to lead to settings.""" - - def get_success_url(self): - """Revert to settings page after success.""" - return str(reverse_lazy('settings')) - - -class CustomSessionDeleteView(UserSessionOverride, SessionDeleteView): - """Revert to settings after session delete.""" - - pass - - -class CustomSessionDeleteOtherView(UserSessionOverride, SessionDeleteOtherView): - """Revert to settings after session delete.""" - - pass - - class CustomLoginView(LoginView): """Custom login view that allows login with urlargs.""" diff --git a/src/backend/InvenTree/templates/InvenTree/settings/user.html b/src/backend/InvenTree/templates/InvenTree/settings/user.html index 98ded18abe..eb3a451c4c 100644 --- a/src/backend/InvenTree/templates/InvenTree/settings/user.html +++ b/src/backend/InvenTree/templates/InvenTree/settings/user.html @@ -5,7 +5,7 @@ {% load inventree_extras %} {% load socialaccount %} {% load crispy_forms_tags %} -{% load user_sessions i18n %} +{% load i18n %} {% block label %}account{% endblock label %} @@ -194,7 +194,7 @@ {{ object.ip }} {% if object.user_agent or object.device %} - {{ object.user_agent|device|default_if_none:unknown_on_unknown|safe }} + {{ object.user_agent|default_if_none:unknown_on_unknown|safe }} {% else %} {{ unknown_on_unknown }} {% endif %} diff --git a/src/backend/InvenTree/users/models.py b/src/backend/InvenTree/users/models.py index 3d80157152..20330a2e84 100644 --- a/src/backend/InvenTree/users/models.py +++ b/src/backend/InvenTree/users/models.py @@ -351,7 +351,6 @@ class RuleSet(models.Model): 'error_report_error', 'exchange_rate', 'exchange_exchangebackend', - 'user_sessions_session', # Django-q 'django_q_ormq', 'django_q_failure', diff --git a/src/backend/requirements.in b/src/backend/requirements.in index 7109e2c773..47f7a1fda4 100644 --- a/src/backend/requirements.in +++ b/src/backend/requirements.in @@ -28,7 +28,6 @@ django-sslserver # Secure HTTP development server django-stdimage # Advanced ImageField management django-taggit # Tagging support django-otp==1.3.0 # Two-factor authentication (legacy to ensure migrations) https://github.com/inventree/InvenTree/pull/6293 -django-user-sessions # user sessions in DB django-weasyprint # django weasyprint integration djangorestframework # DRF framework djangorestframework-simplejwt[crypto] # JWT authentication diff --git a/src/backend/requirements.txt b/src/backend/requirements.txt index b4e32e7ae2..ee010c2525 100644 --- a/src/backend/requirements.txt +++ b/src/backend/requirements.txt @@ -353,7 +353,6 @@ django==4.2.12 \ # django-sslserver # django-stdimage # django-taggit - # django-user-sessions # django-weasyprint # django-xforwardedfor-middleware # djangorestframework @@ -440,9 +439,6 @@ django-stdimage==6.0.2 \ django-taggit==5.0.1 \ --hash=sha256:a0ca8a28b03c4b26c2630fd762cb76ec39b5e41abf727a7b66f897a625c5e647 \ --hash=sha256:edcd7db1e0f35c304e082a2f631ddac2e16ef5296029524eb792af7430cab4cc -django-user-sessions==2.0.0 \ - --hash=sha256:0965554279f556b47062965609fa08b3ae45bbc581001dbe84b2ea599cc67748 \ - --hash=sha256:41b8b1ebeb4736065efbc96437c9cfbf491c39e10fd547a76b98f2312e11fa3e django-weasyprint==2.3.0 \ --hash=sha256:2f849e15bfd6c1b2a58512097b9042eddf3533651d37d2e096cd6f7d8be6442b \ --hash=sha256:807cb3b16332123d97c8bbe2ac9c70286103fe353235351803ffd33b67284735 diff --git a/tasks.py b/tasks.py index df7e456d2f..19a951fe07 100644 --- a/tasks.py +++ b/tasks.py @@ -85,7 +85,6 @@ def content_excludes( 'exchange.exchangebackend', 'common.notificationentry', 'common.notificationmessage', - 'user_sessions.session', 'report.labeloutput', 'report.reportoutput', ]