From f5db4926ee053e09d677b784fd85d89d27d0017f Mon Sep 17 00:00:00 2001
From: "holger.trampe" <htrampe@gmail.com>
Date: Sun, 25 Jul 2021 18:48:45 +0200
Subject: [PATCH] raus die maus aus dem hexenhaus

---
 api/urls.py                                   |   4 +-
 api/views.py                                  |   9 +++-
 .../__pycache__/settings.cpython-38.pyc       | Bin 4576 -> 4512 bytes
 digitaleagentur/settings.py                   |   6 +--
 requirements.txt                              |   3 +-
 users/templates/users/base.html               |  41 ++++++++++--------
 6 files changed, 37 insertions(+), 26 deletions(-)

diff --git a/api/urls.py b/api/urls.py
index 452f24d..57c1c7f 100644
--- a/api/urls.py
+++ b/api/urls.py
@@ -13,6 +13,6 @@ urlpatterns = [
     path('chatnewmessage/', views.savenewchatmessage, name='api-savechatmessage'),
     # MIGRATION
     path('migrateagencyusers/<int:pk>', views.migrateAgencyUsers, name="api-migrateagencyusers"),
-    path('test/', views.test, name="api-test"),
-    
+    # EXTERNAL FROM NC
+    path('logout/<str:uid>', views.test, name="api-test"),
 ]
\ No newline at end of file
diff --git a/api/views.py b/api/views.py
index b7be5e0..d8ad999 100644
--- a/api/views.py
+++ b/api/views.py
@@ -91,6 +91,11 @@ def migrateAgencyUsers(request, pk):
 
 
 from django.contrib.auth import login, logout
+from django.contrib.auth import update_session_auth_hash
+from django.contrib.sessions.models import Session
+
 @api_view(['GET', ])
-def test(request):
-	return redirect('users-logout')
+def test(request, uid):
+	user = User.objects.get(username=uid)
+	[s.delete() for s in Session.objects.all() if s.get_decoded().get('_auth_user_hash') == user.get_session_auth_hash()]
+	return JsonResponse({'res' : 'ok'})
diff --git a/digitaleagentur/__pycache__/settings.cpython-38.pyc b/digitaleagentur/__pycache__/settings.cpython-38.pyc
index 86845891a112fe3a3a993583adaddfa6ec3b78e7..f5c36ebd9c8a34ba4d121e1016bc053d381ef12b 100644
GIT binary patch
delta 387
zcmX|-xlRHB5Qdp$*(~U8)<(Qg1TVn*zC~2LPrzfm&5tX_N)j85_zGlO3b616Xl#57
zTN7IwV`62Zi3>5#WWHp+NhXtd^=7?FOi>&bGeXAC(N|h=(PKIgB{_ZPPTz-8x`)fr
zjUM!(5B(UxAcioE5#7N~jB*9WbPH6BV*)`;BBYB6!c<1oi7PRUnFMha!d#76uE8AU
z&FLH#id-ymDM7l(E-e2iVI?DREmpY>sWo<Eo$H~p$1E>4xB(GvM3kEl<7RAfOPtPa
zS*b{0T+UIBu;sL{zi0w+KelrMw_=Ce{)`=Lns)4RN5PsqJF&-I*oSJK+l>Pp;t0nX
zAwe?tK!{j;C;1QBBWv*1mXBJ`r2LcpO`x#xQ2I>0#<g-`2<l7zQ%#a)H(z;Kc<3LD
bEA3SKHhZx|CQX*DHKHgP?^=>117$bAK<I4U

delta 449
zcmYL`TT2^J5XaB#9>YdmlPZ{cw~4m()_T9SwT<h>d!kw6WvZ^W|F}j(M12(WD};S2
z<RSS43V}ZNLzF((H~j!U3a+8lGt3X>H!w4B@{zw0J*DgA!h2g&4?Fi+y@`HhyH?1b
zy=+yuHk+TkK)(~_5C$-aAq-;#qZq?DKH#HM&M)za>oCFf`0NM-@C8v!!oZXxGXygy
z9pVPWFr6W8#0)oKmYXq$d9OQ%g%TG_jAzJ^+=9gaAS~s4e9?+!euX55VQ~ZjZu7F;
zTlpF*{01q0i&gHx8h57Ype*kzu`8_=s6bc`3GObLo^&@h3JSji^ZS3skFTET#U}SX
zS#M@Pws-*B2zciX!p07EtMDzSc;yfjOLTlM-qI#%m&ZcfH49OkR`-1rD_;5U6!%Bv
zZyI)w^urL>88gv%++48irKD+@al^D1qwDS;{idecu#z#`NF?TGP1`b!RMIT|tU9CM
m(=VJ<Ji{Fi?o|sCLRM%L)HJnGN>!@vb?{VGq;%U}oIe8Y=X;a@

diff --git a/digitaleagentur/settings.py b/digitaleagentur/settings.py
index db04c8d..4afd8b8 100644
--- a/digitaleagentur/settings.py
+++ b/digitaleagentur/settings.py
@@ -25,10 +25,10 @@ BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
 
 # Nach zehn Stunden läuft der Cookie ab!
 # TASK: Zehn stunden auto-auslog einmal checken Sekunden!
-SESSION_COOKIE_AGE = 8*60*60
+SESSION_COOKIE_AGE = 100*60*60
 
 
-CHANNELS_PRESENCE_MAX_AGE = 30
+#CHANNELS_PRESENCE_MAX_AGE = 30
 
 # FOR SUMMERNOTE ORIGIN
 X_FRAME_OPTIONS = 'ALLOWALL'
@@ -115,7 +115,7 @@ MIDDLEWARE = [
 
 ROOT_URLCONF = 'digitaleagentur.urls'
 
-CSRF_COOKIE_SECURE = False
+#CSRF_COOKIE_SECURE = False
 
 TEMPLATES = [
     {
diff --git a/requirements.txt b/requirements.txt
index 38bc954..80ab509 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -37,4 +37,5 @@ django-simple-captcha==0.5.13
 auditlog3==1.0.1
 filetype==1.0.7
 Authlib==0.15.3
-xmltodict==0.12.0
\ No newline at end of file
+xmltodict==0.12.0
+django-user-sessions==1.7.1
\ No newline at end of file
diff --git a/users/templates/users/base.html b/users/templates/users/base.html
index 848b123..4ad24bd 100644
--- a/users/templates/users/base.html
+++ b/users/templates/users/base.html
@@ -271,23 +271,24 @@
 
           <!-- ALERT_AREA -->
           <!-- Nav Item - Alerts -->
-            <li class="nav-item dropdown no-arrow mx-1">
+           <!--<li class="nav-item dropdown no-arrow mx-1">
               <a class="nav-link dropdown-toggle" onclick="changeNewNotToViewed()" id="alertsDropdown" role="button" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false">
-                <i class="fas fa-bell fa-fw"></i>
+                <i class="fas fa-bell fa-fw"></i>-->
                 <!-- Counter - Alerts -->
-                <span class="badge badge-danger badge-counter" id="notificationcounter"></span>
-              </a>
+                <!--<span class="badge badge-danger badge-counter" id="notificationcounter"></span>
+              </a>-->
               <!-- Dropdown - Alerts -->
+              <!--
               <div class="dropdown-list dropdown-menu dropdown-menu-right shadow animated--grow-in" aria-labelledby="alertsDropdown" id="allnotificationsarea">
                 <h6 class="dropdown-header bg-success text-white">
                   Benachrichtigungen
-                </h6>
+                </h6>-->
                 <!-- ITEMS -->
-                <span id="notification_items"></span>
+                <!--<span id="notification_items"></span>-->
                 <!-- ITEMS END -->
-                <a class="dropdown-item text-center small text-gray-500" href="{% url 'showallnotificaions' %}">Alle Benachrichtigungen ansehen</a>
-              </div>
-            </li>
+                <!--<a class="dropdown-item text-center small text-gray-500" href="{% url 'showallnotificaions' %}">Alle Benachrichtigungen ansehen</a>
+              </div>-->
+            <!--/li>-->
             <style type="text/css">
               {% getonlinestatuscolor request.user as onlinecolor %}
             .roundimg_base {
@@ -297,16 +298,19 @@
               box-shadow: 0px 0px 4px 5px {{onlinecolor}};
             }
             </style>
-            <div class="topbar-divider d-none d-sm-block"></div>
+            <!--<div class="topbar-divider d-none d-sm-block"></div>-->
             <!-- Nav Item - User Information -->
+            <!--
             <li class="nav-item dropdown no-arrow">
               <a class="nav-link dropdown-toggle" href="#" id="userDropdown" role="button" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false">
                 <span class="mr-2 d-none d-lg-inline text-gray-600 small">{{request.user.first_name}} {{request.user.last_name}}
                 </span>
                 <img id="userbaseprofilepicture" class="img-profile roundimg_base ml-2" src="{{ request.user.profile.get_photo_url }}">
-              </a>
+              </a>-->
               <!-- Dropdown - User Information -->
-              <div class="dropdown-menu dropdown-menu-right shadow animated--grow-in" aria-labelledby="userDropdown">
+              
+              <!--<div class="dropdown-menu dropdown-menu-right shadow animated--grow-in" aria-labelledby="userDropdown">
+               
                 <a class="dropdown-item" onclick="javascript:changeOnlineStatus(0)" href="#/">
                   <i class="fas fa-circle mr-2" style="color: green"></i>
                   Online
@@ -323,13 +327,14 @@
                   <i class="fas fa-circle mr-2" style="color: grey"></i>
                   Offline anzeigen
                 </a>
-
-                <div class="dropdown-divider"></div>
-                <!--<a class="dropdown-item" onclick="userGoToSettings({{user.pk}})" href="{% url 'orga-single' user.pk %}">-->
+                -->
+                <!--<div class="dropdown-divider"></div>-->
+                <!--<a class="dropdown-item" onclick="userGoToSettings({{user.pk}})" href="{% url 'orga-single' user.pk %}">
                 <a class="dropdown-item" onclick="userGoToSettings()" href="#/">
                   <i class="fas fa-user fa-sm fa-fw mr-2 text-gray-400"></i>
                   Einstellungen
                 </a>
+                
                 <a class="dropdown-item" onclick="userGoToNotification()" href="#/">
                   <i class="fas fa-bell fa-sm fa-fw mr-2 text-gray-400"></i>
                   Benachrichtigungen
@@ -343,9 +348,9 @@
                   <i class="fas fa-sign-out-alt fa-sm fa-fw mr-2 text-gray-400"></i>
                   Abmelden
                 </a>
-              </div>
-            </li>
-          </ul>
+              </div>-->
+           <!--</li>-->
+          <!--</ul>-->
         </nav>
 
         <!-- End of Topbar -->