From 9554de4ea6f74d1c9140570cce4b90bb2e099261 Mon Sep 17 00:00:00 2001 From: Bai Date: Wed, 28 Aug 2024 14:57:00 +0800 Subject: [PATCH] fix: User check password need reset --- apps/authentication/mixins.py | 4 ++-- apps/users/models/user/_auth.py | 12 ++++++++++++ 2 files changed, 14 insertions(+), 2 deletions(-) diff --git a/apps/authentication/mixins.py b/apps/authentication/mixins.py index 99526e156..dd7713432 100644 --- a/apps/authentication/mixins.py +++ b/apps/authentication/mixins.py @@ -319,14 +319,14 @@ class AuthPostCheckMixin: @classmethod def _check_passwd_is_too_simple(cls, user: User, password): - if password == 'admin' or password == 'ChangeMe': + if user.check_passwd_too_simple(password): message = _('Your password is too simple, please change it for security') url = cls.generate_reset_password_url_with_flash_msg(user, message=message) raise errors.PasswordTooSimple(url) @classmethod def _check_passwd_need_update(cls, user: User): - if user.need_update_password: + if user.check_need_update_password(): message = _('You should to change your password before login') url = cls.generate_reset_password_url_with_flash_msg(user, message) raise errors.PasswordNeedUpdate(url) diff --git a/apps/users/models/user/_auth.py b/apps/users/models/user/_auth.py index cd38dda51..94d03c097 100644 --- a/apps/users/models/user/_auth.py +++ b/apps/users/models/user/_auth.py @@ -228,6 +228,18 @@ class AuthMixin: return True return False + def check_need_update_password(self): + if self.is_local and self.need_update_password: + return True + return False + + def check_passwd_too_simple(self, password): + backend = getattr(self, 'backend', None) + simple_passwords = ['admin', 'ChangeMe'] + if backend == settings.AUTH_BACKEND_MODEL and password in simple_passwords: + return True + return False + @staticmethod def get_public_key_md5(key): try: