diff --git a/authentik/flows/views/executor.py b/authentik/flows/views/executor.py
index e6e27a0f9..b6763ab39 100644
--- a/authentik/flows/views/executor.py
+++ b/authentik/flows/views/executor.py
@@ -169,10 +169,11 @@ class FlowExecutorView(APIView):
 self.request.session[SESSION_KEY_PLAN] = plan
 # Early check if there's an active Plan for the current session
 if SESSION_KEY_PLAN in self.request.session:
- self.plan = self.request.session[SESSION_KEY_PLAN]
+ self.plan: FlowPlan = self.request.session[SESSION_KEY_PLAN]
 if self.plan.flow_pk != self.flow.pk.hex:
 self._logger.warning(
 "f(exec): Found existing plan for other flow, deleting plan",
+ other_flow=self.plan.flow_pk,
 )
 # Existing plan is deleted from session and instance
 self.plan = None
diff --git a/authentik/stages/user_delete/stage.py b/authentik/stages/user_delete/stage.py
index f57f8d659..4b68a0555 100644
--- a/authentik/stages/user_delete/stage.py
+++ b/authentik/stages/user_delete/stage.py
@@ -1,10 +1,10 @@
 """Delete stage logic"""
 from django.contrib import messages
+from django.contrib.auth import logout
 from django.http import HttpRequest, HttpResponse
 from django.utils.translation import gettext as _
 from structlog.stdlib import get_logger
-from authentik.core.models import User
 from authentik.flows.planner import PLAN_CONTEXT_PENDING_USER
 from authentik.flows.stage import StageView
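Review bot: In authentik/flows/views/executor.py the new annotation `self.plan: FlowPlan` declares the attribute as never-None, yet the same branch assigns `self.plan = None` a few lines further down, so the annotation contradicts the state this code produces. Annotating it as `self.plan: Optional[FlowPlan] = self.request.session[SESSION_KEY_PLAN]`, or declaring the attribute once at class level, keeps type checkers honest about the None case; whether `Optional` is already imported is not visible in this hunk. The added `other_flow=self.plan.flow_pk` key would be easier to act on if the expected value were logged beside it, e.g. `expected_flow=self.flow.pk.hex`. The enclosing method starts and ends outside the hunk.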
@@ -20,13 +20,15 @@ class UserDeleteStageView(StageView):
 def get(self, request: HttpRequest) -> HttpResponse:
 """Delete currently pending user"""
- if PLAN_CONTEXT_PENDING_USER not in self.executor.plan.context:
+ user = self.get_pending_user()
+ if not user.is_authenticated:
 message = _("No Pending User.")
 messages.error(request, message)
 LOGGER.debug(message)
 return self.executor.stage_invalid()
- user: User = self.executor.plan.context[PLAN_CONTEXT_PENDING_USER]
+ logout(self.request)
 user.delete()
 LOGGER.debug("Deleted user", user=user)
- del self.executor.plan.context[PLAN_CONTEXT_PENDING_USER]
+ if PLAN_CONTEXT_PENDING_USER in self.executor.plan.context:
+ del self.executor.plan.context[PLAN_CONTEXT_PENDING_USER]
 return self.executor.stage_ok()
diff --git a/authentik/stages/user_delete/tests.py b/authentik/stages/user_delete/tests.py
index 2ae3b276d..ebcd8f78d 100644
--- a/authentik/stages/user_delete/tests.py
+++ b/authentik/stages/user_delete/tests.py
@@ -48,8 +48,8 @@ class TestUserDeleteStage(FlowTestCase):
 def test_user_delete_get(self):
 """Test Form render"""
+ self.client.force_login(self.user)
 plan = FlowPlan(flow_pk=self.flow.pk.hex, bindings=[self.binding], markers=[StageMarker()])
- plan.context[PLAN_CONTEXT_PENDING_USER] = self.user
 session = self.client.session
 session[SESSION_KEY_PLAN] = plan
 session.save()
diff --git a/web/src/user/user-settings/details/stages/prompt/PromptStage.ts b/web/src/user/user-settings/details/stages/prompt/PromptStage.ts
index 11baf050a..a7da7faa7 100644
--- a/web/src/user/user-settings/details/stages/prompt/PromptStage.ts
+++ b/web/src/user/user-settings/details/stages/prompt/PromptStage.ts
@@ -37,7 +37,7 @@ export class UserSettingsPromptStage extends PromptStage { ${this.host.tenant.flowUnenrollment ? html` ${t`Delete account`} `
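Review bot: In UserDeleteStageView.get, `if not user.is_authenticated:` does not establish that the account being deleted belongs to the current session; on a Django user model instance that attribute is always true, so the check only filters out the anonymous user. If `get_pending_user()` (defined outside this diff) can return a user taken from the plan context, as the retained `PLAN_CONTEXT_PENDING_USER` cleanup suggests, then `user.delete()` runs for that account while `logout(self.request)` ends the session of whoever is signed in. If the stage is only meant to delete the session's own account, tie the two together with `if not user.is_authenticated or request.user.pk != user.pk:`; otherwise guard the logout with `if request.user.pk == user.pk:` and document that the flow must authenticate the pending user before this stage. `logout()` also flushes the session, which is where the executor stores the plan under `SESSION_KEY_PLAN`, so it is worth confirming that `stage_ok()` still completes the flow afterwards.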
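Review bot: test_user_delete_get in authentik/stages/user_delete/tests.py now covers only the `force_login` path; the case where the user arrives through `plan.context[PLAN_CONTEXT_PENDING_USER]` is no longer exercised, although the stage still handles that key. A second test that sets the context entry without a logged-in client, plus an assertion that the client session carries no authenticated user once the stage has run, would pin both behaviours the stage change introduces. An anonymous request with no pending user should also be asserted to end in the invalid-stage response rather than a deletion. The test body continues outside the hunk, so any existing assertions are not visible here.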