github
/
jumpserver
mirror of https://github.com/jumpserver/jumpserver
1
0
Fork 0
Code Issues Releases Wiki Activity
Browse Source

fix: Password reset is only required for AUTH_BACKEND_MODEL

pull/14198/head
wangruidong 2 months ago committed by Bryan
parent
e373a79d63
commit
3dde80a60a
2 changed files with 14 additions and 3 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 7
      apps/authentication/mixins.py
  2. 10
      apps/users/models/user/_auth.py

7
apps/authentication/mixins.py
Unescape View File

@ -301,6 +301,7 @@ class MFAMixin:
class AuthPostCheckMixin:
@classmethod
def generate_reset_password_url_with_flash_msg(cls, user, message):
reset_passwd_url = reverse('authentication:reset-password')
@ -319,6 +320,8 @@ class AuthPostCheckMixin:
@classmethod
def _check_passwd_is_too_simple(cls, user: User, password):
if not user.is_auth_backend_model():
return
if user.check_passwd_too_simple(password):
message = _('Your password is too simple, please change it for security')
url = cls.generate_reset_password_url_with_flash_msg(user, message=message)
@ -326,6 +329,8 @@ class AuthPostCheckMixin:
@classmethod
def _check_passwd_need_update(cls, user: User):
if not user.is_auth_backend_model():
return
if user.check_need_update_password():
message = _('You should to change your password before login')
url = cls.generate_reset_password_url_with_flash_msg(user, message)
@ -333,6 +338,8 @@ class AuthPostCheckMixin:
@classmethod
def _check_password_require_reset_or_not(cls, user: User):
if not user.is_auth_backend_model():
return
if user.password_has_expired:
message = _('Your password has expired, please reset before logging in')
url = cls.generate_reset_password_url_with_flash_msg(user, message)

10
apps/users/models/user/_auth.py
Unescape View File

@ -233,13 +233,17 @@ class AuthMixin:
return True
return False
def check_passwd_too_simple(self, password):
backend = getattr(self, 'backend', None)
@staticmethod
def check_passwd_too_simple(password):
simple_passwords = ['admin', 'ChangeMe']
if backend == settings.AUTH_BACKEND_MODEL and password in simple_passwords:
if password in simple_passwords:
return True
return False
def is_auth_backend_model(self):
backend = getattr(self, 'backend', None)
return backend == settings.AUTH_BACKEND_MODEL
@staticmethod
def get_public_key_md5(key):
try:

Write Preview
Loading…
Cancel
Save