habsi/authentik
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
a36cc820bdd33ce39b487e43acf7f9b131e79fca
authentik/website/docs/expressions/_functions.md
Tana M Berry 6d5172d18a website: latest PR for new Docs structure (#11639) 
* first pass

* dependency shenanigans

* move blueprints

* few broken links

* change config the throw errors

* internal file edits

* fighting links

* remove sidebarDev

* fix subdomain

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix relative URL

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix mismatched package versions

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix api reference build

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* test tweak

* links hell

* more links hell

* links hell2

* yep last of the links

* last broken link fixed

* re-add cves

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add devdocs redirects

* add dir

* tweak netlify.toml

* move latest 2 CVES into dir

* fix links to moved cves

* typoed title fix

* fix link

* remove banner

* remove committed api docs

Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>

* integrations: remove version dropdown

Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>

* Update Makefile

Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>

* change doc links in web as well

Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>

* fix some more docs paths

Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>

* fix more docs paths

Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>

* ci: require ci-web.build for merging

Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>

* Revert "ci: require ci-web.build for merging"

This reverts commit b99a4842a9.

* remove sluf for Application

* put slug back in

* minor fix to trigger deploy

* Spelled out Documentation in menu bar

* remove image redirects...

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* remove explicit index.md

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* remove mdx first

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* then remove .md

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add missing prefix

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
Co-authored-by: Tana M Berry <tana@goauthentik.com>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
2024-10-09 09:33:40 -05:00

137 lines
4.2 KiB
Markdown
Raw Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

### `regex_match(value: Any, regex: str) -> bool`
Check if `value` matches Regular Expression `regex`.
Example:
```python
return regex_match(request.user.username, '.*admin.*')
```
### `regex_replace(value: Any, regex: str, repl: str) -> str`
Replace anything matching `regex` within `value` with `repl` and return it.
Example:
```python
user_email_local = regex_replace(request.user.email, '(.+)@.+', '')
```
### `list_flatten(value: list[Any] | Any) -> Optional[Any]`
Flatten a list by either returning its first element, None if the list is empty, or the passed in object if its not a list.
Example:
```python
user = list_flatten(["foo"])
# user = "foo"
```
### `ak_call_policy(name: str, **kwargs) -> PolicyResult` <span class="badge badge--version">authentik 2021.12+</span>
Call another policy with the name _name_. Current request is passed to policy. Key-word arguments
can be used to modify the request's context.
Example:
```python
result = ak_call_policy("test-policy")
# result is a PolicyResult object, so you can access `.passing` and `.messages`.
# Starting with authentik 2023.4 you can also access `.raw_result`, which is the raw value returned from the called policy
# `result.passing` will always be a boolean if the policy is passing or not.
return result.passing
result = ak_call_policy("test-policy-2", foo="bar")
# Inside the `test-policy-2` you can then use `request.context["foo"]`
return result.passing
```
### `ak_is_group_member(user: User, **group_filters) -> bool`
Check if `user` is member of a group matching `**group_filters`.
Example:
```python
return ak_is_group_member(request.user, name="test_group")
```
### `ak_user_by(**filters) -> Optional[User]`
Fetch a user matching `**filters`.
Returns "None" if no user was found, otherwise returns the [User](/docs/users-sources/user) object.
Example:
```python
other_user = ak_user_by(username="other_user")
```
### `ak_user_has_authenticator(user: User, device_type: Optional[str] = None) -> bool` <span class="badge badge--version">authentik 2022.9+</span>
Check if a user has any authenticator devices. Only fully validated devices are counted.
Optionally, you can filter a specific device type. The following options are valid:
- `totp`
- `duo`
- `static`
- `webauthn`
Example:
```python
return ak_user_has_authenticator(request.user)
```
### `ak_create_event(action: str, **kwargs) -> None` <span class="badge badge--version">authentik 2022.9+</span>
Create a new event with the action set to `action`. Any additional key-word parameters will be saved in the event context. Additionally, `context` will be set to the context in which this function is called.
Before saving, any data-structure which are not representable in JSON are flattened, and credentials are removed.
The event is saved automatically
Example:
```python
ak_create_event("my_custom_event", foo=request.user)
```
## Comparing IP Addresses
To compare IP Addresses or check if an IP Address is within a given subnet, you can use the functions `ip_address('192.0.2.1')` and `ip_network('192.0.2.0/24')`. With these objects you can do [arithmetic operations](https://docs.python.org/3/library/ipaddress.html#operators).
You can also check if an IP Address is within a subnet by writing the following:
```python
ip_address('192.0.2.1') in ip_network('192.0.2.0/24')
# evaluates to True
```
## DNS resolution and reverse DNS lookups <span class="badge badge--version">authentik 2023.3+</span>
To resolve a hostname to a list of IP addresses, use the functions `resolve_dns(hostname)` and `resolve_dns(hostname, ip_version)`.
```python
resolve_dns("google.com") # return a list of all IPv4 and IPv6 addresses
resolve_dns("google.com", 4) # return a list of only IP4 addresses
resolve_dns("google.com", 6) # return a list of only IP6 addresses
```
You can also do reverse DNS lookups.
:::note
Reverse DNS lookups may not return the expected host if the IP address is part of a shared hosting environment.
See: https://stackoverflow.com/a/19867936
:::
To perform a reverse DNS lookup use `reverse_dns("192.0.2.0")`. If no DNS records are found the original IP address is returned.
:::info
DNS resolving results are cached in memory. The last 32 unique queries are cached for up to 3 minutes.
:::
Reference in New Issue View Git Blame Copy Permalink