zydronium/manage.get.gov
1
0
Fork 0
mirror of https://github.com/cisagov/manage.get.gov.git synced 2025-07-23 19:20:47 +02:00
Code Issues Projects Releases Packages Wiki Activity

updated comments to reflect tests; made logic more readable in needs_identity_verification

Browse source
This commit is contained in:
David Kennedy 2023-12-08 17:32:25 -05:00
parent 0ed0cb6c37
commit f7fdecfd33
No known key found for this signature in database
GPG key ID: 6528A5386E66B96B
4 changed files with 18 additions and 6 deletions
Download patch file Download diff file Expand all files Collapse all files

9
src/djangooidc/views.py
View file

@ -92,7 +92,14 @@ def requires_step_up_auth(userinfo):
acr_value = userinfo.get("ial", "")
uuid = userinfo.get("sub", "")
email = userinfo.get("email", "")
return User.needs_identity_verification(email, uuid) and acr_value != step_up_acr_value
if acr_value != step_up_acr_value:
# The acr of this attempt is not at the highest level
# so check if the user needs the higher level
return User.needs_identity_verification(email, uuid)
else:
# This attempt already came back at the highest level
# so does not require step up
return False
def logout(request, next_page=None):