From fe5f5b47900796b64aa115d4d4b62b2d94deb9d4 Mon Sep 17 00:00:00 2001
From: Nicholas Serra <nickserra@gmail.com>
Date: Tue, 4 Apr 2017 13:46:43 -0400
Subject: [PATCH] Set session vars in middleware

---
 tos/middleware.py | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/tos/middleware.py b/tos/middleware.py
index 29cab0a..e26ed8e 100644
--- a/tos/middleware.py
+++ b/tos/middleware.py
@@ -38,7 +38,8 @@ class UserAgreementMiddleware(deprecation.MiddlewareMixin if DJANGO_VERSION >= (
         # for the user object.
         # NOTE: We use the user ID because it's not user-settable and it won't
         #       ever change (usernames and email addresses can change)
-        user_id = request.session.get(session_key)
+        user_id = int(request.session['_auth_user_id'])
+        user_auth_backend = request.session['_auth_user_backend']
 
         # Get the cache prefix
         key_version = cache.get('django:tos:key_version')
@@ -62,6 +63,11 @@ class UserAgreementMiddleware(deprecation.MiddlewareMixin if DJANGO_VERSION >= (
             cache.set('django:tos:agreed:{}'.format(user_id), user_agreed, version=key_version)
 
         if not user_agreed:
+            # Confirm view uses these session keys. Non-middleware flow sets them in login view,
+            # so we need to set them here.
+            request.session['tos_user'] = user_id
+            request.session['tos_backend'] = user_auth_backend
+
             response = HttpResponseRedirect(tos_check_url)
             add_never_cache_headers(response)
             return response