0004-views-user-enabling-of-authentication-factors-33550.patch
src/authentic2/migrations/0025_auto_20190502_1558.py | ||
---|---|---|
1 |
# -*- coding: utf-8 -*- |
|
2 |
# Generated by Django 1.11.18 on 2019-05-02 13:58 |
|
3 |
from __future__ import unicode_literals |
|
4 | ||
5 |
from django.conf import settings |
|
6 |
from django.db import migrations, models |
|
7 |
import django.db.models.deletion |
|
8 | ||
9 | ||
10 |
class Migration(migrations.Migration): |
|
11 | ||
12 |
dependencies = [ |
|
13 |
migrations.swappable_dependency(settings.AUTH_USER_MODEL), |
|
14 |
('custom_user', '0016_auto_20180925_1107'), |
|
15 |
('authentic2', '0023_auto_20181031_0900'), |
|
16 |
] |
|
17 | ||
18 |
operations = [ |
|
19 |
migrations.CreateModel( |
|
20 |
name='EnabledAuthFactor', |
|
21 |
fields=[ |
|
22 |
('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')), |
|
23 |
('authenticator_id', models.CharField(max_length=50)), |
|
24 |
], |
|
25 |
), |
|
26 |
migrations.AddField( |
|
27 |
model_name='enabledauthfactor', |
|
28 |
name='user', |
|
29 |
field=models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, related_name='enabled_auth_factors', to=settings.AUTH_USER_MODEL, verbose_name='user'), |
|
30 |
), |
|
31 |
migrations.AlterUniqueTogether( |
|
32 |
name='enabledauthfactor', |
|
33 |
unique_together=set([('user', 'authenticator_id')]), |
|
34 |
), |
|
35 |
] |
src/authentic2/models.py | ||
---|---|---|
77 | 77 |
verbose_name_plural = _('user external ids') |
78 | 78 | |
79 | 79 | |
80 |
class EnabledAuthFactor(models.Model): |
|
81 |
user = models.ForeignKey(settings.AUTH_USER_MODEL, |
|
82 |
verbose_name=_('user'), |
|
83 |
related_name='enabled_auth_factors') |
|
84 |
authenticator_id = models.CharField(max_length=50) |
|
85 | ||
86 |
class Meta: |
|
87 |
unique_together = ('user', 'authenticator_id') |
|
88 | ||
89 | ||
80 | 90 |
@six.python_2_unicode_compatible |
81 | 91 |
class AuthenticationEvent(models.Model): |
82 | 92 |
'''Record authentication events whatever the source''' |
src/authentic2/views.py | ||
---|---|---|
300 | 300 | |
301 | 301 |
authenticators = utils.get_backends('AUTH_FRONTENDS', target_auth_level) |
302 | 302 | |
303 |
if target_auth_level > 1: |
|
304 |
# Filter authenticators enabled by the user |
|
305 |
authenticator_ids = set(request.user.enabled_auth_factors.values_list( |
|
306 |
'authenticator_id', flat=True)) |
|
307 |
authenticators = [a for a in authenticators if a.id in authenticator_ids] |
|
308 |
if not authenticators: |
|
309 |
messages.info(request, _('In order to continue you need to setup ' |
|
310 |
'a new authentication factor.')) |
|
311 |
return utils.redirect(request, 'account_management', |
|
312 |
keep_params=True) |
|
313 | ||
303 | 314 |
blocks = [] |
304 | 315 | |
305 | 316 |
registration_url = utils.get_registration_url( |
... | ... | |
418 | 429 | |
419 | 430 |
def get_context_data(self, **kwargs): |
420 | 431 |
context = super(ProfileView, self).get_context_data(**kwargs) |
421 |
frontends = utils.get_backends('AUTH_FRONTENDS', required_auth_level=0) |
|
422 | ||
423 | 432 |
request = self.request |
433 |
auth_level = int(request.GET.get('auth_level', 0)) |
|
434 |
frontends = utils.get_backends('AUTH_FRONTENDS', required_auth_level=auth_level) |
|
424 | 435 | |
425 | 436 |
if request.method == "POST": |
426 | 437 |
for frontend in frontends: |
... | ... | |
518 | 529 |
# TODO: deprecated should be removed when publik-base-theme is updated |
519 | 530 |
'allow_password_change': utils.user_can_change_password(request=request), |
520 | 531 |
'federation_management': federation_management, |
532 |
'auth_level': auth_level, |
|
521 | 533 |
}) |
522 | 534 |
hooks.call_hooks('modify_context_data', self, context) |
523 | 535 |
return context |
524 |
- |