django/backends: Handle error when user session is no longer active (!26) · Merge requests · Platform / Development / swh-auth

Antoine Lambert requested to merge generated-differential-D6122-source into generated-differential-D6122-target Aug 23, 2021

When a user session has been terminated without using the logout view (for instance a user can logout from all its authenticated sessions using the Keycloak account UI), the expired OIDC profile is still in webapp cache which causes errors and prevent new user logins.

So ensure to remove expired profile from cache when detecting Keycloak session is no longer active in django authentication backend.

Related to swh-web#3496 (closed)

Migrated from D6122 (view on Phabricator)

django/backends: Handle error when user session is no longer active

Merge request reports