stages/user_login: session binding (#7881)
* start with user_login stage Signed-off-by: Jens Langhammer <jens@goauthentik.io> # Conflicts: # authentik/root/settings.py * fix and improve logout event Signed-off-by: Jens Langhammer <jens@goauthentik.io> * lint pass Signed-off-by: Jens Langhammer <jens@goauthentik.io> * update authenticated session when IP changes and binding doesn't break Signed-off-by: Jens Langhammer <jens@goauthentik.io> * update docs, always keep old and new IP in event Signed-off-by: Jens Langhammer <jens@goauthentik.io> * re-gen api schema Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>
This commit is contained in:
Jens L
@ -10,7 +10,7 @@ import { msg } from "@lit/localize";
|
||||
import { TemplateResult, html } from "lit";
|
||||
import { customElement } from "lit/decorators.js";
|
||||
|
||||
import { StagesApi, UserLoginStage } from "@goauthentik/api";
|
||||
import { GeoipBindingEnum, NetworkBindingEnum, StagesApi, UserLoginStage } from "@goauthentik/api";
|
||||
|
||||
@customElement("ak-stage-user-login-form")
|
||||
export class UserLoginStageForm extends BaseStageForm<UserLoginStage> {
|
||||
@ -93,6 +93,74 @@ export class UserLoginStageForm extends BaseStageForm<UserLoginStage> {
|
||||
</p>
|
||||
<ak-utils-time-delta-help></ak-utils-time-delta-help>
|
||||
</ak-form-element-horizontal>
|
||||
<ak-form-element-horizontal
|
||||
label=${msg("Network binding")}
|
||||
?required=${true}
|
||||
name="networkBinding"
|
||||
>
|
||||
<ak-radio
|
||||
.options=${[
|
||||
{
|
||||
label: msg("No binding"),
|
||||
value: NetworkBindingEnum.NoBinding,
|
||||
},
|
||||
{
|
||||
label: msg("Bind ASN"),
|
||||
value: NetworkBindingEnum.BindAsn,
|
||||
default: true,
|
||||
},
|
||||
{
|
||||
label: msg("Bind ASN and Network"),
|
||||
value: NetworkBindingEnum.BindAsnNetwork,
|
||||
},
|
||||
{
|
||||
label: msg("Bind ASN, Network and IP"),
|
||||
value: NetworkBindingEnum.BindAsnNetworkIp,
|
||||
},
|
||||
]}
|
||||
.value=${this.instance?.networkBinding}
|
||||
>
|
||||
</ak-radio>
|
||||
<p class="pf-c-form__helper-text">
|
||||
${msg(
|
||||
"Configure if sessions created by this stage should be bound to the Networks they were created in.",
|
||||
)}
|
||||
</p>
|
||||
</ak-form-element-horizontal>
|
||||
<ak-form-element-horizontal
|
||||
label=${msg("GeoIP binding")}
|
||||
?required=${true}
|
||||
name="geoipBinding"
|
||||
>
|
||||
<ak-radio
|
||||
.options=${[
|
||||
{
|
||||
label: msg("No binding"),
|
||||
value: GeoipBindingEnum.NoBinding,
|
||||
},
|
||||
{
|
||||
label: msg("Bind Continent"),
|
||||
value: GeoipBindingEnum.BindContinent,
|
||||
default: true,
|
||||
},
|
||||
{
|
||||
label: msg("Bind Continent and Country"),
|
||||
value: GeoipBindingEnum.BindContinentCountry,
|
||||
},
|
||||
{
|
||||
label: msg("Bind Continent, Country and City"),
|
||||
value: GeoipBindingEnum.BindContinentCountryCity,
|
||||
},
|
||||
]}
|
||||
.value=${this.instance?.geoipBinding}
|
||||
>
|
||||
</ak-radio>
|
||||
<p class="pf-c-form__helper-text">
|
||||
${msg(
|
||||
"Configure if sessions created by this stage should be bound to their GeoIP-based location",
|
||||
)}
|
||||
</p>
|
||||
</ak-form-element-horizontal>
|
||||
<ak-form-element-horizontal name="terminateOtherSessions">
|
||||
<label class="pf-c-switch">
|
||||
<input
|
||||
|
||||
Reference in New Issue
Block a user