0001-misc-set-unusable-password-on-federated-users-48136.patch
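--- a/src/authentic2_auth_fc/backends.py
+++ b/src/authentic2_auth_fc/backends.py
@@ -51,6 +51,7 @@
 if not user and app_settings.create:
 User = get_user_model()
 user = User.objects.create(ou=get_default_ou())
+user.set_unusable_password()
 try:
 models.FcAccount.objects.create(
 user=user,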
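Review bot: The added `user.set_unusable_password()` runs after `User.objects.create(ou=get_default_ou())` has already inserted the row, and it only updates the in-memory instance. No `user.save()` is visible in this hunk; the function continues outside it, so unless a save follows there the stored password stays empty and the federated account is never marked unusable in the database. The OIDC backend (src/authentic2_auth_oidc/backends.py, new line 244) has the same ordering. The SAML adapter in this commit builds the instance before saving, and the same shape would fit here: `user = User(ou=get_default_ou())`, `user.set_unusable_password()`, `user.save()`.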
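--- a/src/authentic2_auth_oidc/backends.py
+++ b/src/authentic2_auth_oidc/backends.py
@@ -241,6 +241,7 @@
 pass
 if not user:
 user = User.objects.create(ou=provider.ou)
+user.set_unusable_password()
 created = True
 oidc_account, created = models.OIDCAccount.objects.get_or_create(
 provider=provider,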
src/authentic2_auth_saml/adapters.py | ||
---|---|---|
65 | 65 | |
66 | 66 |
class AuthenticAdapter(DefaultAdapter): |
67 | 67 |
def create_user(self, user_class): |
68 |
return user_class.objects.create() |
|
68 |
user = user_class() |
|
69 |
user.set_unusable_password() |
|
70 |
user.save() |
|
71 |
return user |
|
69 | 72 | |
70 | 73 |
def finish_create_user(self, idp, saml_attributes, user): |
71 | 74 |
try: |
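Review bot: `create_user` now spells out instantiate, `set_unusable_password()`, `save()` with nothing saying why, so a later cleanup could fold it back into `user_class.objects.create()` and silently bring back blank passwords. A one-line comment above the call would pin the intent, for example `# SAML users authenticate at the IdP only: store an unusable password, never a blank one`. The class body continues outside the hunk.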
tests/auth_fc/test_auth_fc.py | ||
---|---|---|
203 | 203 | |
204 | 204 | |
205 | 205 |
def test_no_password_with_fc_account_can_reset_password(app, db, mailoutbox): |
206 |
user = User.objects.create(email='john.doe@example.com') |
|
206 |
user = User(email='john.doe@example.com') |
|
207 |
user.set_unusable_password() |
|
208 |
user.save() |
|
207 | 209 |
# No FC account, forbidden to set a password |
208 | 210 |
response = app.get('/login/') |
209 | 211 |
response = response.click('Reset it!').maybe_follow() |
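Review bot: This test now builds its fixture with an unusable password by hand, but nothing visible on this page asserts that a user provisioned through the FranceConnect, OIDC or SAML creation paths actually ends up with one. An assertion in a test that goes through each creation path and reloads the user from the database, such as `assert not User.objects.get().has_usable_password()`, would confirm the marker is persisted and not just set on the in-memory object. The test function continues outside the hunk.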
tests/test_migrations.py | ||
---|---|---|
16 | 16 | |
17 | 17 |
import mock |
18 | 18 | |
19 |
from django.contrib.auth.models import AbstractUser |
|
19 | 20 |
from django.db.utils import ProgrammingError |
20 | 21 | |
21 | 22 | |
... | ... | |
49 | 50 |
with mock.patch('django.db.backends.postgresql.schema.DatabaseSchemaEditor.execute') as mocked: |
50 | 51 |
mocked.side_effect = programming_error |
51 | 52 |
migration.apply([('authentic2', '0028_trigram_unaccent_index')]) |
53 | ||
54 | ||
55 |
def test_migration_custom_user_0021_set_unusable_password(transactional_db, migration): |
|
56 |
old_apps = migration.before([('custom_user', '0020_deleteduser')]) |
|
57 | ||
58 |
User = old_apps.get_model('custom_user', 'User') |
|
59 |
user = User.objects.create() |
|
60 |
assert user.password == '' |
|
61 | ||
62 |
new_apps = migration.apply([('custom_user', '0021_set_unusable_password')]) |
|
63 |
User = new_apps.get_model('custom_user', 'User') |
|
64 |
user = User.objects.get() |
|
65 |
assert not AbstractUser.has_usable_password(user) |
|
52 |
- |
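Review bot: `test_migration_custom_user_0021_set_unusable_password` only covers a user whose password is `''`; it does not show that the data migration leaves accounts with a real password hash alone. Creating a second user under the old state with a hash from `django.contrib.auth.hashers.make_password`, and asserting after `migration.apply(...)` that its `password` field is unchanged, would guard against the migration locking out local accounts. `User.objects.get()` would then need a filter, since two rows would exist.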