diff --git a/apps/authentication/backends/passkey/fido.py b/apps/authentication/backends/passkey/fido.py index 0eaff2fa1..636b0bb79 100644 --- a/apps/authentication/backends/passkey/fido.py +++ b/apps/authentication/backends/passkey/fido.py @@ -48,7 +48,9 @@ def get_server_id_from_request(request, allowed=()): def default_server_id(request): - domains = settings.ALLOWED_DOMAINS + domains = list(settings.ALLOWED_DOMAINS) + if settings.SITE_URL: + domains.append(urlparse(settings.SITE_URL).hostname) return get_server_id_from_request(request, allowed=domains) diff --git a/apps/locale/ja/LC_MESSAGES/django.po b/apps/locale/ja/LC_MESSAGES/django.po index 33f1148e6..1dde8849b 100644 --- a/apps/locale/ja/LC_MESSAGES/django.po +++ b/apps/locale/ja/LC_MESSAGES/django.po @@ -8,7 +8,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2023-09-04 13:26+0800\n" +"POT-Creation-Date: 2023-09-12 15:41+0800\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: FULL NAME \n" "Language-Team: LANGUAGE \n" @@ -2427,29 +2427,29 @@ msgstr "外部ストレージへのFTPファイルのアップロード" msgid "This action require verify your MFA" msgstr "この操作には、MFAを検証する必要があります" -#: authentication/api/connection_token.py:258 +#: authentication/api/connection_token.py:260 msgid "Reusable connection token is not allowed, global setting not enabled" msgstr "" "再使用可能な接続トークンの使用は許可されていません。グローバル設定は有効に" "なっていません" -#: authentication/api/connection_token.py:338 +#: authentication/api/connection_token.py:351 msgid "Anonymous account is not supported for this asset" msgstr "匿名アカウントはこのプロパティではサポートされていません" -#: authentication/api/connection_token.py:357 +#: authentication/api/connection_token.py:370 msgid "Account not found" msgstr "アカウントが見つかりません" -#: authentication/api/connection_token.py:360 +#: authentication/api/connection_token.py:373 msgid "Permission expired" msgstr "承認の有効期限が切れています" -#: authentication/api/connection_token.py:374 +#: authentication/api/connection_token.py:387 msgid "ACL action is reject: {}({})" msgstr "ACL アクションは拒否です: {}({})" -#: authentication/api/connection_token.py:378 +#: authentication/api/connection_token.py:391 msgid "ACL action is review" msgstr "ACL アクションはレビューです" @@ -2551,7 +2551,7 @@ msgstr "無効なトークンまたはキャッシュの更新。" msgid "Auth failed" msgstr "MFAに失敗しました" -#: authentication/backends/passkey/fido.py:146 +#: authentication/backends/passkey/fido.py:148 msgid "This key is not registered" msgstr "このキーは登録されていません" @@ -4874,15 +4874,15 @@ msgstr "SSLドメインのみがパスキー認証を使用できます" msgid "FIDO server ID" msgstr "FIDOサーバーID" -#: settings/serializers/auth/passkey.py:16 +#: settings/serializers/auth/passkey.py:17 msgid "" -"The hostname can using passkey auth, If not set, will use request host, If " -"multiple domains, use comma to separate" +"The hostname can using passkey auth, If not set, will use request host and " +"the request host in DOMAINS, If multiple domains, use comma to separate" msgstr "" -"ホスト名はパスキー認証を使用できます。設定されていない場合は、リクエストホス" -"トを使用します。複数のドメインの場合は、コンマで区切ってください。" +"パスキー認証を使用できるホスト名、設定されていない場合は、リクエストホストと" +"DOMAINSのリクエストホストを使用します。複数のドメインの場合は、カンマで区切ります" -#: settings/serializers/auth/passkey.py:19 +#: settings/serializers/auth/passkey.py:22 msgid "FIDO server name" msgstr "FIDOサーバー名" diff --git a/apps/locale/zh/LC_MESSAGES/django.po b/apps/locale/zh/LC_MESSAGES/django.po index af9421b8b..3e18b8225 100644 --- a/apps/locale/zh/LC_MESSAGES/django.po +++ b/apps/locale/zh/LC_MESSAGES/django.po @@ -7,7 +7,7 @@ msgid "" msgstr "" "Project-Id-Version: JumpServer 0.3.3\n" "Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2023-09-04 13:26+0800\n" +"POT-Creation-Date: 2023-09-12 15:41+0800\n" "PO-Revision-Date: 2021-05-20 10:54+0800\n" "Last-Translator: ibuler \n" "Language-Team: JumpServer team\n" @@ -2415,27 +2415,27 @@ msgstr "上传 FTP 文件到外部存储" msgid "This action require verify your MFA" msgstr "该操作需要验证您的 MFA, 请先开启并配置" -#: authentication/api/connection_token.py:258 +#: authentication/api/connection_token.py:260 msgid "Reusable connection token is not allowed, global setting not enabled" msgstr "不允许使用可重复使用的连接令牌,未启用全局设置" -#: authentication/api/connection_token.py:338 +#: authentication/api/connection_token.py:351 msgid "Anonymous account is not supported for this asset" msgstr "匿名账号不支持当前资产" -#: authentication/api/connection_token.py:357 +#: authentication/api/connection_token.py:370 msgid "Account not found" msgstr "账号未找到" -#: authentication/api/connection_token.py:360 +#: authentication/api/connection_token.py:373 msgid "Permission expired" msgstr "授权已过期" -#: authentication/api/connection_token.py:374 +#: authentication/api/connection_token.py:387 msgid "ACL action is reject: {}({})" msgstr "ACL 动作是拒绝: {}({})" -#: authentication/api/connection_token.py:378 +#: authentication/api/connection_token.py:391 msgid "ACL action is review" msgstr "ACL 动作是复核" @@ -2531,7 +2531,7 @@ msgstr "刷新的令牌或缓存无效。" msgid "Auth failed" msgstr "认证失败" -#: authentication/backends/passkey/fido.py:146 +#: authentication/backends/passkey/fido.py:148 msgid "This key is not registered" msgstr "此密钥未注册" @@ -4823,15 +4823,15 @@ msgstr "只有 SSL 域名可以使用 Passkey(通行密钥)认证" msgid "FIDO server ID" msgstr "Passkey 服务 ID" -#: settings/serializers/auth/passkey.py:16 +#: settings/serializers/auth/passkey.py:17 msgid "" -"The hostname can using passkey auth, If not set, will use request host, If " -"multiple domains, use comma to separate" +"The hostname can using passkey auth, If not set, will use request host and " +"the request host in DOMAINS, If multiple domains, use comma to separate" msgstr "" -"可以使用 Passkey 认证的域名,如果不设置,将使用请求主机, 如果有多个域名,使用" +"可以使用 Passkey 认证的域名,如果不设置,将使用请求主机(主机名在可信域 DOMAINS中), 如果有多个域名,使用" "逗号分隔, 不需要端口号" -#: settings/serializers/auth/passkey.py:19 +#: settings/serializers/auth/passkey.py:22 msgid "FIDO server name" msgstr "Passkey 服务名称" diff --git a/apps/settings/serializers/auth/passkey.py b/apps/settings/serializers/auth/passkey.py index e63a51e91..6d65da26b 100644 --- a/apps/settings/serializers/auth/passkey.py +++ b/apps/settings/serializers/auth/passkey.py @@ -13,7 +13,10 @@ class PasskeySettingSerializer(serializers.Serializer): ) FIDO_SERVER_ID = serializers.CharField( max_length=255, label=_('FIDO server ID'), required=False, allow_blank=True, - help_text=_('The hostname can using passkey auth, If not set, will use request host, ' - 'If multiple domains, use comma to separate') + help_text=_( + 'The hostname can using passkey auth, If not set, ' + 'will use request host and the request host in DOMAINS, ' + 'If multiple domains, use comma to separate' + ) ) FIDO_SERVER_NAME = serializers.CharField(max_length=255, label=_('FIDO server name'))