habsi/authentik
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

create SSOLoginPolicy, which allows factors to be applied when user comes from SSO login

Browse Source 
implement SESSIION_IS_SSO_LOGIN for OAuth Client and core MFA
This commit is contained in:
Jens Langhammer
2019-04-29 23:19:37 +02:00
parent b46958d1f9
commit 5d1a3043b2
5 changed files with 76 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
passbook/core/models.py
View File

@ -165,9 +165,10 @@ class Source(PolicyModel):
name = models.TextField()
slug = models.SlugField()
form = '' # ModelForm-based class ued to create/edit instance
enabled = models.BooleanField(default=True)
form = '' # ModelForm-based class ued to create/edit instance
objects = InheritanceManager()
@property
@ -409,6 +410,21 @@ class GroupMembershipPolicy(Policy):
verbose_name = _('Group Membership Policy')
verbose_name_plural = _('Group Membership Policies')
class SSOLoginPolicy(Policy):
"""Policy that applies to users that have authenticated themselves through SSO"""
form = 'passbook.core.forms.policies.SSOLoginPolicyForm'
def passes(self, user):
"""Check if user instance passes this policy"""
from passbook.core.auth.view import AuthenticationView
return user.session.get(AuthenticationView.SESSION_IS_SSO_LOGIN, False), ""
class Meta:
verbose_name = _('SSO Login Policy')
verbose_name_plural = _('SSO Login Policies')
class Invitation(UUIDModel):
"""Single-use invitation link"""