Commits

bchesneau  committed 7d2af1a

[svn r24] fix openid session variable :
http://code.google.com/p/django-authopenid/issues/detail?id=1

now use only one openid at a time

  • Participants
  • Parent commits ffec80f

Comments (0)

Files changed (2)

File middleware.py

 # -*- coding: utf-8 -*-
 class OpenIDMiddleware(object):
     """
-    Populate request.openid and request.openids with their openid. This comes 
-    eithen from their cookie or from their session, depending on the presence 
-    of OPENID_USE_SESSIONS.
+    Populate request.openid. This comes either from cookie or from
+    session, depending on the presence of OPENID_USE_SESSIONS.
     """
     def process_request(self, request):
-        request.openids = request.session.get('openids', [])
-        if request.openids:
-            request.openid = request.openids[-1] # Last authenticated OpenID
-        else:
-            request.openid = None
+        request.openid = request.session.get('openid', None)
         assert False, "Bad openid status: %s" % openid_response.status
 
 def default_on_success(request, identity_url, openid_response):
-    if 'openids' not in request.session.keys():
-        request.session['openids'] = []
-    
-    # Eliminate any duplicates
-    request.session['openids'] = [
-        o for o in request.session['openids'] if o.openid != identity_url
-    ]
-    request.session['openids'].append(from_openid_response(openid_response))
+    request.session['openid']=from_openid_response(openid_response)
     
     next = request.GET.get('next', '').strip()
     if not next or not is_valid_next_url(next):
     if openid isn't registered user is redirected to register page.
     """
 
-    request.session['openids'] = []
     openid=from_openid_response(openid_response)
-    request.session['openids'].append(openid)
+    request.session['openid']=openid
 
     try:
         rel = UserAssociation.objects.get(openid_url__exact=str(openid))
         next = getattr(settings, 'OPENID_REDIRECT_NEXT', '/')
 
 
-    openids = request.session.get('openids', [])
-    if openids and len(openids)>0:
-        openid = openids[-1] # Last authenticated OpenID
-    else:
+    openid = request.session.get('openid', None)
+    if not openid:
          return HttpResponseRedirect(reverse('user_signin') + next)
 
     nickname = openid.sreg.get('nickname', '')
 
     url : /signout/"
     """
-    request.session['openids'] = []
+    del request.session['openid']
     next = request.GET.get('next', '/')
     if not is_valid_next_url(next):
         next = '/'