From ccd4ff79a9eb8033abd0aefe59dda2b727a1f9ed Mon Sep 17 00:00:00 2001 From: "shimoda.m@nds-tyo.co.jp" Date: Thu, 29 Jun 2023 16:13:04 +0900 Subject: [PATCH 1/2] =?UTF-8?q?fix:=20=E3=83=A1=E3=83=B3=E3=83=86=E3=83=A6?= =?UTF-8?q?=E3=83=BC=E3=82=B6=E3=83=BC=E3=83=AD=E3=82=B0=E3=82=A4=E3=83=B3?= =?UTF-8?q?=E5=A4=B1=E6=95=97=E6=99=82=E3=81=AB=E3=82=A8=E3=83=A9=E3=83=BC?= =?UTF-8?q?=E9=80=9A=E7=9F=A5=E3=81=8C=E5=87=BA=E3=81=A6=E3=81=97=E3=81=BE?= =?UTF-8?q?=E3=81=86=E3=81=AE=E3=82=92=E4=BF=AE=E6=AD=A3=E3=80=82SSO?= =?UTF-8?q?=E3=81=AF=E9=80=9A=E7=9F=A5=E3=81=95=E3=81=9B=E3=82=8B=E3=80=82?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- ecs/jskult-webapp/src/controller/login.py | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/ecs/jskult-webapp/src/controller/login.py b/ecs/jskult-webapp/src/controller/login.py index 09032af5..6d867645 100644 --- a/ecs/jskult-webapp/src/controller/login.py +++ b/ecs/jskult-webapp/src/controller/login.py @@ -69,10 +69,10 @@ def login( try: jwt_token = login_service.login(request.username, request.password) except NotAuthorizeException as e: - logger.exception(e) + logger.info(f'ログイン失敗:{e}') raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED, detail=constants.LOGOUT_REASON_LOGIN_ERROR) except JWTTokenVerifyException as e: - logger.exception(e) + logger.info(f'ログイン失敗:{e}') raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED, detail=constants.LOGOUT_REASON_SESSION_EXPIRED) verified_token = jwt_token.verify_token() @@ -126,7 +126,7 @@ def sso_authorize( # トークン検証 verified_token = jwt_token.verify_token() except JWTTokenVerifyException as e: - logger.exception(e) + logger.exception(f'SSOログイン失敗:{e}') raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED, detail=constants.LOGOUT_REASON_SESSION_EXPIRED) # トークンからユーザーIDを取得 From d76b8d1c9332550239effe6e0c6d5c88b0aed986 Mon Sep 17 00:00:00 2001 From: "shimoda.m@nds-tyo.co.jp" Date: Thu, 29 Jun 2023 16:39:12 +0900 Subject: [PATCH 2/2] =?UTF-8?q?fix:=20=E3=83=A6=E3=83=BC=E3=82=B6=E3=83=9E?= =?UTF-8?q?=E3=82=B9=E3=82=BF=E3=81=AB=E3=83=AC=E3=82=B3=E3=83=BC=E3=83=89?= =?UTF-8?q?=E3=81=8C=E5=AD=98=E5=9C=A8=E3=81=97=E3=81=AA=E3=81=84=E5=A0=B4?= =?UTF-8?q?=E5=90=88=E3=81=AB=E3=82=A8=E3=83=A9=E3=83=BC=E3=81=AB=E3=81=AA?= =?UTF-8?q?=E3=82=8B=E3=81=AE=E3=82=92=E4=BF=AE=E6=AD=A3?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- ecs/jskult-webapp/src/controller/login.py | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/ecs/jskult-webapp/src/controller/login.py b/ecs/jskult-webapp/src/controller/login.py index 6d867645..00e5cb75 100644 --- a/ecs/jskult-webapp/src/controller/login.py +++ b/ecs/jskult-webapp/src/controller/login.py @@ -79,6 +79,10 @@ def login( # 普通の認証だと、`cognito:username`に入る。 user_id = verified_token.user_id user_record = login_service.logged_in_user(user_id) + # ユーザーがマスタに存在しない場合、ログアウトにリダイレクトする + if user_record is None: + logger.info(f'存在しないユーザー: {user_id}, ユーザーID: {user_id}') + raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED, detail=constants.LOGOUT_REASON_LOGIN_ERROR) # ユーザーが有効ではない場合、ログアウトにリダイレクトする if not user_record.is_enable_user(): logger.info(f'無効なユーザー: {user_id}, 有効フラグ: {user_record.enabled_flg}') @@ -132,6 +136,11 @@ def sso_authorize( # トークンからユーザーIDを取得 user_id = verified_token.user_id user_record = login_service.logged_in_user(user_id) + + # ユーザーがマスタに存在しない場合、ログアウトにリダイレクトする + if user_record is None: + logger.info(f'存在しないユーザー: {user_id}, ユーザーID: {user_id}') + raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED, detail=constants.LOGOUT_REASON_LOGIN_ERROR) # ユーザーが有効ではない場合、ログアウトにリダイレクトする if not user_record.is_enable_user(): logger.info(f'無効なユーザー: {user_id}, 有効フラグ: {user_record.enabled_flg}')