Project

General

Profile

0001-ldap-override-password_change-route-with-a-URL-in-ap.patch

Loïc Dachary, 18 March 2021 12:04 PM

Download (2.62 KB)

View differences:

Subject: [PATCH] ldap: override password_change route with a URL in
 app_settings

Fixes: https://dev.entrouvert.org/issues/52183

License: MIT
 src/authentic2/app_settings.py   | 3 +++
 src/authentic2/authenticators.py | 3 ++-
 tests/test_ldap.py               | 8 ++++++++
 3 files changed, 13 insertions(+), 1 deletion(-)
src/authentic2/app_settings.py
139 139
    A2_USER_CAN_RESET_PASSWORD=Setting(
140 140
        default=None,
141 141
        definition='Allow online reset of passwords'),
142
    A2_EXTERNAL_CHANGE_PASSWORD_URL=Setting(
143
        default=None,
144
        definition='Redirect URL when a password change is required'),
142 145
    A2_RESET_PASSWORD_ID_LABEL=Setting(
143 146
        default=None,
144 147
        definition='Alternate ID label for the password reset form'),
src/authentic2/authenticators.py
134 134

  
135 135
                if hasattr(request, 'needs_password_change'):
136 136
                    del request.needs_password_change
137
                    return utils.redirect(request, 'password_change', params={'next': response.url}, resolve=True)
137
                    url = app_settings.A2_EXTERNAL_CHANGE_PASSWORD_URL or 'password_change'
138
                    return utils.redirect(request, url, params={'next': response.url}, resolve=True)
138 139

  
139 140
                return response
140 141
            else:
tests/test_ldap.py
1186 1186
    response = response.form.submit('login-password-submit')
1187 1187
    assert '/password/change/' in response['Location']
1188 1188

  
1189
    response = app.get('/login/')
1190
    response.form['username'] = USERNAME
1191
    response.form['password'] = password
1192
    settings.A2_EXTERNAL_CHANGE_PASSWORD_URL = 'http://example.com'
1193
    settings.A2_REDIRECT_WHITELIST = ('http://example.com',)
1194
    response = response.form.submit('login-password-submit')
1195
    assert 'example.com' in response['Location']
1196

  
1189 1197

  
1190 1198
def test_authenticate_ppolicy_pwdAllowUserChange(slapd_ppolicy, settings, db, caplog):
1191 1199
    settings.LDAP_AUTH_SETTINGS = [{
1192
-