feat: 支持自定义认证 backend；统一其他认证方式的信号触发逻辑；通过配置文件控制

apps/authentication/backends/custom.py

@@ -17,6 +17,8 @@ class CustomAuthBackend(JMSModelBackend):
         return import_string(self.custom_auth_method_path)
 
     def is_enabled(self):
+        if not settings.AUTH_CUSTOM:
+            return False
         try:
             self.load_authenticate_method()
         except Exception as e:

apps/jumpserver/conf.py

@@ -224,6 +224,8 @@ class Config(dict):
         'CONNECTION_TOKEN_EXPIRATION': 5 * 60,
 
         # Custom Config
+        'AUTH_CUSTOM': False,
+
         # Auth LDAP settings
         'AUTH_LDAP': False,
         'AUTH_LDAP_SERVER_URI': 'ldap://localhost:389',

apps/jumpserver/settings/auth.py

@@ -2,7 +2,6 @@
 #
 import os
 import ldap
-from django.utils.translation import ugettext_lazy as _
 
 from ..const import CONFIG, PROJECT_DIR, BASE_DIR
 
@@ -197,7 +196,6 @@ AUTH_BACKEND_OAUTH2 = 'authentication.backends.oauth2.OAuth2Backend'
 AUTH_BACKEND_TEMP_TOKEN = 'authentication.backends.token.TempTokenAuthBackend'
 AUTH_BACKEND_CUSTOM = 'authentication.backends.custom.CustomAuthBackend'
 
-
 AUTHENTICATION_BACKENDS = [
     # 只做权限校验
     RBAC_BACKEND,
@@ -210,10 +208,13 @@ AUTHENTICATION_BACKENDS = [
     AUTH_BACKEND_WECOM, AUTH_BACKEND_DINGTALK, AUTH_BACKEND_FEISHU,
     # Token模式
     AUTH_BACKEND_AUTH_TOKEN, AUTH_BACKEND_SSO, AUTH_BACKEND_TEMP_TOKEN,
-    # 自定义模块
-    AUTH_BACKEND_CUSTOM
 ]
 
+AUTH_CUSTOM = CONFIG.AUTH_CUSTOM
+if AUTH_CUSTOM:
+    # 自定义认证模块
+    AUTHENTICATION_BACKENDS.append(AUTH_BACKEND_CUSTOM)
+
 AUTHENTICATION_BACKENDS_THIRD_PARTY = [AUTH_BACKEND_OIDC_CODE, AUTH_BACKEND_CAS, AUTH_BACKEND_SAML2, AUTH_BACKEND_OAUTH2]
 ONLY_ALLOW_EXIST_USER_AUTH = CONFIG.ONLY_ALLOW_EXIST_USER_AUTH
 ONLY_ALLOW_AUTH_FROM_SOURCE = CONFIG.ONLY_ALLOW_AUTH_FROM_SOURCE