github
/
jumpserver
mirror of https://github.com/jumpserver/jumpserver
1
0
Fork 0
Code Issues Releases Wiki Activity

fix: Password reset is only required for AUTH_BACKEND_MODEL

pull/14198/head
wangruidong 2024-09-18 18:09:21 +08:00 committed by Bryan
parent e373a79d63
commit 3dde80a60a
2 changed files with 14 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
apps/authentication/mixins.py
View File

@ -301,6 +301,7 @@ class MFAMixin:
class AuthPostCheckMixin:
@classmethod
def generate_reset_password_url_with_flash_msg(cls, user, message):
reset_passwd_url = reverse('authentication:reset-password')
@ -319,6 +320,8 @@ class AuthPostCheckMixin:
@classmethod
def _check_passwd_is_too_simple(cls, user: User, password):
if not user.is_auth_backend_model():
return
if user.check_passwd_too_simple(password):
message = _('Your password is too simple, please change it for security')
url = cls.generate_reset_password_url_with_flash_msg(user, message=message)
@ -326,6 +329,8 @@ class AuthPostCheckMixin:
@classmethod
def _check_passwd_need_update(cls, user: User):
if not user.is_auth_backend_model():
return
if user.check_need_update_password():
message = _('You should to change your password before login')
url = cls.generate_reset_password_url_with_flash_msg(user, message)
@ -333,6 +338,8 @@ class AuthPostCheckMixin:
@classmethod
def _check_password_require_reset_or_not(cls, user: User):
if not user.is_auth_backend_model():
return
if user.password_has_expired:
message = _('Your password has expired, please reset before logging in')
url = cls.generate_reset_password_url_with_flash_msg(user, message)

10
apps/users/models/user/_auth.py
View File

@ -233,13 +233,17 @@ class AuthMixin:
return True
return False
def check_passwd_too_simple(self, password):
backend = getattr(self, 'backend', None)
@staticmethod
def check_passwd_too_simple(password):
simple_passwords = ['admin', 'ChangeMe']
if backend == settings.AUTH_BACKEND_MODEL and password in simple_passwords:
if password in simple_passwords:
return True
return False
def is_auth_backend_model(self):
backend = getattr(self, 'backend', None)
return backend == settings.AUTH_BACKEND_MODEL
@staticmethod
def get_public_key_md5(key):
try: