Closed whikloj closed 6 months ago
Hi,
Thanks for this issue. Just to confirm, when you say 'local accounts' you mean Django-only user accounts that don't have a corresponding AD account?
Assuming that's what you mean, you have a good point, we're not handling that case at the moment. Will look into it soon!
Hey @regoawt, you are correct I meant local Django only accounts. In our use case we have staff that could use Azure but external users that will have to get a Django account.
Hey @whikloj, have given some thought to both your issues:
Cheers
@whikloj #22 is now available in v1.3.0.
Hi,
First thanks for this middleware, it is working great but I have hit on a couple of things that I needed to change locally to use it.
1) When you have a mix of AD accounts and local accounts, they all get sent to Microsoft to logout. The local accounts of course don't have the necessary information and were having problems.
2) This is more of a nuisance, when an AD user goes to logout they always have to "choose" the account even if there is only one logged in. This is totally an Microsoft thing, but I found some simple instructions (https://blogs.aaddevsup.xyz/2022/03/how-to-logout-of-an-oauth2-application-without-getting-prompted-to-select-a-user/) to avoid this in some cases.
I'm avoiding both of these locally by skipping your logout view and doing:
I'm not a strong python developer, so I'm sure there is a better way but I wanted to offer it up.
cheers