diff --git a/apps/applications/api/application.py b/apps/applications/api/application.py
index 867a8ddd3..1933f6280 100644
--- a/apps/applications/api/application.py
+++ b/apps/applications/api/application.py
@@ -1,11 +1,11 @@
# coding: utf-8
#
-
from orgs.mixins.api import OrgBulkModelViewSet
from ..hands import IsOrgAdminOrAppUser
from .. import serializers
from ..models import Application
+from applications.filters import ApplicationFilter
__all__ = ['ApplicationViewSet']
@@ -13,7 +13,7 @@ __all__ = ['ApplicationViewSet']
class ApplicationViewSet(OrgBulkModelViewSet):
model = Application
- filterset_fields = ('name', 'type', 'category')
- search_fields = filterset_fields
+ filterset_class = ApplicationFilter
+ search_fields = ('name', 'type', 'category')
permission_classes = (IsOrgAdminOrAppUser,)
serializer_class = serializers.ApplicationSerializer
diff --git a/apps/applications/filters.py b/apps/applications/filters.py
new file mode 100644
index 000000000..948fa9187
--- /dev/null
+++ b/apps/applications/filters.py
@@ -0,0 +1,12 @@
+from django_filters import rest_framework as filters
+
+from .models import Application
+from applications import const
+
+
+class ApplicationFilter(filters.FilterSet):
+ type = filters.MultipleChoiceFilter(choices=const.ApplicationTypeChoices.choices)
+
+ class Meta:
+ model = Application
+ fields = ['id', 'name', 'category', 'type', 'comment']
diff --git a/apps/authentication/api/connection_token.py b/apps/authentication/api/connection_token.py
index a160eea92..0f70d59ab 100644
--- a/apps/authentication/api/connection_token.py
+++ b/apps/authentication/api/connection_token.py
@@ -97,10 +97,10 @@ class UserConnectionTokenViewSet(RootOrgViewMixin, SerializerMixin, GenericViewS
options = {
'full address:s': '',
'username:s': '',
- 'screen mode id:i': '0',
+ 'screen mode id:i': '1',
# 'desktopwidth:i': '1280',
# 'desktopheight:i': '800',
- 'use multimon:i': '1',
+ 'use multimon:i': '0',
'session bpp:i': '32',
'audiomode:i': '0',
'disable wallpaper:i': '0',
diff --git a/apps/authentication/views/login.py b/apps/authentication/views/login.py
index 0aa9f90b5..0eef00579 100644
--- a/apps/authentication/views/login.py
+++ b/apps/authentication/views/login.py
@@ -46,24 +46,44 @@ class UserLoginView(mixins.AuthMixin, FormView):
return None
next_url = request.GET.get('next') or '/'
auth_type = ''
- auth_url = ''
+
if settings.AUTH_OPENID:
auth_type = 'OIDC'
- auth_url = reverse(settings.AUTH_OPENID_AUTH_LOGIN_URL_NAME) + f'?next={next_url}'
- elif settings.AUTH_CAS:
+ openid_auth_url = reverse(settings.AUTH_OPENID_AUTH_LOGIN_URL_NAME) + f'?next={next_url}'
+ else:
+ openid_auth_url = None
+
+ if settings.AUTH_CAS:
auth_type = 'CAS'
- auth_url = reverse(settings.CAS_LOGIN_URL_NAME) + f'?next={next_url}'
- if not auth_url:
+ cas_auth_url = reverse(settings.CAS_LOGIN_URL_NAME) + f'?next={next_url}'
+ else:
+ cas_auth_url = None
+
+ if not any([openid_auth_url, cas_auth_url]):
return None
- message_data = {
- 'title': _('Redirecting'),
- 'message': _("Redirecting to {} authentication").format(auth_type),
- 'redirect_url': auth_url,
- 'has_cancel': True,
- 'cancel_url': reverse('authentication:login') + '?admin=1'
- }
- redirect_url = FlashMessageUtil.gen_message_url(message_data)
+ if settings.LOGIN_REDIRECT_TO_BACKEND == 'OPENID' and openid_auth_url:
+ auth_url = openid_auth_url
+
+ elif settings.LOGIN_REDIRECT_TO_BACKEND == 'CAS' and cas_auth_url:
+ auth_url = cas_auth_url
+
+ else:
+ auth_url = openid_auth_url or cas_auth_url
+
+ if settings.LOGIN_REDIRECT_TO_BACKEND:
+ redirect_url = auth_url
+ else:
+ message_data = {
+ 'title': _('Redirecting'),
+ 'message': _("Redirecting to {} authentication").format(auth_type),
+ 'redirect_url': auth_url,
+ 'interval': 3,
+ 'has_cancel': True,
+ 'cancel_url': reverse('authentication:login') + '?admin=1'
+ }
+ redirect_url = FlashMessageUtil.gen_message_url(message_data)
+
query_string = request.GET.urlencode()
redirect_url = "{}&{}".format(redirect_url, query_string)
return redirect_url
diff --git a/apps/jumpserver/conf.py b/apps/jumpserver/conf.py
index 8d25bc2dd..e1d6ead47 100644
--- a/apps/jumpserver/conf.py
+++ b/apps/jumpserver/conf.py
@@ -307,6 +307,7 @@ class Config(dict):
'SESSION_EXPIRE_AT_BROWSER_CLOSE_FORCE': False,
'FORGOT_PASSWORD_URL': '',
'HEALTH_CHECK_TOKEN': '',
+ 'LOGIN_REDIRECT_TO_BACKEND': None, # 'OPENID / CAS
'TERMINAL_RDP_ADDR': ''
}
diff --git a/apps/jumpserver/settings/custom.py b/apps/jumpserver/settings/custom.py
index ae4e4fdad..226aedc62 100644
--- a/apps/jumpserver/settings/custom.py
+++ b/apps/jumpserver/settings/custom.py
@@ -129,3 +129,5 @@ HEALTH_CHECK_TOKEN = CONFIG.HEALTH_CHECK_TOKEN
TERMINAL_RDP_ADDR = CONFIG.TERMINAL_RDP_ADDR
SECURITY_LUNA_REMEMBER_AUTH = CONFIG.SECURITY_LUNA_REMEMBER_AUTH
SECURITY_WATERMARK_ENABLED = CONFIG.SECURITY_WATERMARK_ENABLED
+
+LOGIN_REDIRECT_TO_BACKEND = CONFIG.LOGIN_REDIRECT_TO_BACKEND
diff --git a/apps/locale/zh/LC_MESSAGES/django.mo b/apps/locale/zh/LC_MESSAGES/django.mo
index af2301013..87aa477f5 100644
Binary files a/apps/locale/zh/LC_MESSAGES/django.mo and b/apps/locale/zh/LC_MESSAGES/django.mo differ
diff --git a/apps/locale/zh/LC_MESSAGES/django.po b/apps/locale/zh/LC_MESSAGES/django.po
index 1922354d7..5568da58c 100644
--- a/apps/locale/zh/LC_MESSAGES/django.po
+++ b/apps/locale/zh/LC_MESSAGES/django.po
@@ -4028,17 +4028,17 @@ msgid "name not unique"
msgstr "名称重复"
#: users/templates/users/_base_otp.html:14
-msgid "Security token validation"
-msgstr "安全令牌验证"
+msgid "Please enter the password of"
+msgstr "请输入"
#: users/templates/users/_base_otp.html:14 xpack/plugins/cloud/models.py:78
#: xpack/plugins/cloud/serializers.py:178
-msgid "Account"
+msgid "account"
msgstr "账户"
#: users/templates/users/_base_otp.html:14
-msgid "Follow these steps to complete the binding operation"
-msgstr "请按照以下步骤完成绑定操作"
+msgid "to complete the binding operation"
+msgstr "的密码完成绑定操作"
#: users/templates/users/_granted_assets.html:7
msgid "Loading"
diff --git a/apps/perms/api/application/application_permission.py b/apps/perms/api/application/application_permission.py
index e7b449b5a..700b5384d 100644
--- a/apps/perms/api/application/application_permission.py
+++ b/apps/perms/api/application/application_permission.py
@@ -1,6 +1,7 @@
# -*- coding: utf-8 -*-
#
from applications.models import Application
+from applications.filters import ApplicationFilter
from perms.models import ApplicationPermission
from perms import serializers
from ..base import BasePermissionViewSet
@@ -12,8 +13,8 @@ class ApplicationPermissionViewSet(BasePermissionViewSet):
"""
model = ApplicationPermission
serializer_class = serializers.ApplicationPermissionSerializer
- filterset_fields = ['name', 'category', 'type']
- search_fields = filterset_fields
+ filterset_class = ApplicationFilter
+ search_fields = ['name', 'category', 'type']
custom_filter_fields = BasePermissionViewSet.custom_filter_fields + [
'application_id', 'application'
]
diff --git a/apps/perms/api/application/user_permission/user_permission_applications.py b/apps/perms/api/application/user_permission/user_permission_applications.py
index 6916f6f29..5e5c27d22 100644
--- a/apps/perms/api/application/user_permission/user_permission_applications.py
+++ b/apps/perms/api/application/user_permission/user_permission_applications.py
@@ -3,6 +3,7 @@
from rest_framework.generics import ListAPIView
from rest_framework.response import Response
+from applications.filters import ApplicationFilter
from common.mixins.api import CommonApiMixin
from applications.api.mixin import (
SerializeApplicationToTreeNodeMixin
@@ -25,7 +26,7 @@ __all__ = [
class AllGrantedApplicationsMixin(CommonApiMixin, ListAPIView):
only_fields = serializers.ApplicationGrantedSerializer.Meta.only_fields
serializer_class = serializers.ApplicationGrantedSerializer
- filterset_fields = ['id', 'name', 'category', 'type', 'comment']
+ filterset_class = ApplicationFilter
search_fields = ['name', 'comment']
user: None
diff --git a/apps/users/templates/users/_base_otp.html b/apps/users/templates/users/_base_otp.html
index a9589c50b..cac472621 100644
--- a/apps/users/templates/users/_base_otp.html
+++ b/apps/users/templates/users/_base_otp.html
@@ -11,7 +11,7 @@
</h2>
</div>
<div>
- <div class="verify">{% trans 'Security token validation' %} {% trans 'Account' %} <span>{{ user.username }}</span> {% trans 'Follow these steps to complete the binding operation' %}</div>
+ <div class="verify">{% trans 'Please enter the password of' %} {% trans 'account' %} <span>{{ user.username }}</span> {% trans 'to complete the binding operation' %}</div>
<hr style="width: 500px; margin: auto; margin-top: 10px;">
{% block content %}
{% endblock %}