From 2c46072db23a249d55c9741d1d69d9531efb9cc3 Mon Sep 17 00:00:00 2001
From: ibuler
Date: Thu, 16 Sep 2021 19:06:16 +0800
Subject: [PATCH] =?UTF-8?q?fix:=20=E4=BF=AE=E5=A4=8Dserializer=E9=97=AE?= =?UTF-8?q?=E9=A2=98?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 apps/authentication/forms.py | 4 ++--
 apps/authentication/mixins.py | 5 ++++-
 apps/authentication/views/login.py | 8 ++++----
 apps/settings/serializers/security.py | 2 +-
 apps/users/models/user.py | 1 +
 5 files changed, 12 insertions(+), 8 deletions(-)
diff --git a/apps/authentication/forms.py b/apps/authentication/forms.py
index 948ceabff..d4c1375e6 100644
--- a/apps/authentication/forms.py
+++ b/apps/authentication/forms.py
@@ -67,9 +67,9 @@ class ChallengeMixin(forms.Form):
 def get_user_login_form_cls(*, captcha=False):
 bases = []
- if settings.SECURITY_LOGIN_CAPTCHA_ENABLED and captcha:
- bases.append(CaptchaMixin)
 if settings.SECURITY_LOGIN_CHALLENGE_ENABLED:
 bases.append(ChallengeMixin)
+ elif settings.SECURITY_LOGIN_CAPTCHA_ENABLED and captcha:
+ bases.append(CaptchaMixin)
 bases.append(UserLoginForm)
 return type('UserLoginForm', tuple(bases), {})
diff --git a/apps/authentication/mixins.py b/apps/authentication/mixins.py
index ef76c8b74..5295d4c40 100644
--- a/apps/authentication/mixins.py
+++ b/apps/authentication/mixins.py
@@ -191,7 +191,10 @@ class AuthMixin(PasswordEncryptionViewMixin):
 raise self.partial_credential_error(error=error)
 def _set_partial_credential_error(self, username, ip, request):
- self.partial_credential_error = partial(errors.CredentialError, username=username, ip=ip, request=request)
+ self.partial_credential_error = partial(
+ errors.CredentialError, username=username,
+ ip=ip, request=request
+ )
 def get_auth_data(self, decrypt_passwd=False):
 request = self.request
diff --git a/apps/authentication/views/login.py b/apps/authentication/views/login.py
index 084004a3a..a33d8cee8 100644
--- a/apps/authentication/views/login.py
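Review bot: With the new `elif` in `get_user_login_form_cls`, `CaptchaMixin` is never added once `SECURITY_LOGIN_CHALLENGE_ENABLED` is on, even when the caller passes `captcha=True` and `SECURITY_LOGIN_CAPTCHA_ENABLED` is set. If the captcha is what slows automated password guessing after failed attempts (inferred from the `captcha` keyword; the callers are not in this hunk), enabling the challenge setting silently removes that control, and an administrator who has both settings enabled gets no hint of it. Please confirm the challenge flow has its own attempt limiting, and record the precedence above the branch, for example `# Challenge and captcha are mutually exclusive: when both settings are on, the challenge field replaces the captcha.`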
+++ b/apps/authentication/views/login.py
@@ -9,6 +9,7 @@ from django.contrib.auth import login as auth_login, logout as auth_logout
 from django.http import HttpResponse
 from django.shortcuts import reverse, redirect
 from django.utils.decorators import method_decorator
+from django.db import transaction
 from django.utils.translation import ugettext as _
 from django.views.decorators.cache import never_cache
 from django.views.decorators.csrf import csrf_protect
@@ -18,14 +19,13 @@ from django.views.generic.edit import FormView
 from django.conf import settings
 from django.urls import reverse_lazy
 from django.contrib.auth import BACKEND_SESSION_KEY
-from django.db.transaction import atomic
-from common.utils import get_request_ip, FlashMessageUtil
+from common.utils import FlashMessageUtil
 from users.utils import (
 redirect_user_first_login_or_index
 )
 from ..const import RSA_PRIVATE_KEY, RSA_PUBLIC_KEY
-from .. import mixins, errors, utils
+from .. import mixins, errors
 from ..forms import get_user_login_form_cls
@@ -109,7 +109,7 @@ class UserLoginView(mixins.AuthMixin, FormView):
 self.request.session.delete_test_cookie()
 try:
- with atomic():
+ with transaction.atomic():
 self.check_user_auth(decrypt_passwd=True)
 except errors.AuthFailedError as e:
 form.add_error(None, e.msg)
diff --git a/apps/settings/serializers/security.py b/apps/settings/serializers/security.py
index 98bf38d52..2872baa38 100644
--- a/apps/settings/serializers/security.py
+++ b/apps/settings/serializers/security.py
@@ -70,7 +70,7 @@ class SecurityAuthSerializer(serializers.Serializer):
 help_text=_("If enable, CAS、OIDC auth will be failed, if user not exist yet")
 )
 SECURITY_MFA_VERIFY_TTL = serializers.IntegerField(
- min_value=5, max_value=60*30,
+ min_value=5, max_value=60*60*10,
 label=_("MFA verify TTL"), help_text=_("Unit: second"),
 )
 SECURITY_LOGIN_CAPTCHA_ENABLED = serializers.BooleanField(
diff --git a/apps/users/models/user.py b/apps/users/models/user.py
index df5b436ef..385e085da 100644
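Review bot: `self.check_user_auth(decrypt_passwd=True)` still runs inside `transaction.atomic()` while `errors.AuthFailedError` is caught outside the `with` block, so any database write made during a failed check is rolled back when the exception leaves the block. If the auth path persists failed-attempt records or lock state to the database (not visible here; the enclosing method starts and ends outside this hunk), those rows would be lost on exactly the logins they are meant to record. Worth confirming that failure bookkeeping is written outside this transaction, and adding a comment on the `with` line such as `# NOTE: DB writes made by a failed check_user_auth() are rolled back here`.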
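Review bot: The new ceiling `max_value=60*60*10` lets `SECURITY_MFA_VERIFY_TTL` be set to 10 hours, up from 30 minutes, and neither the commit subject nor the field's `help_text` (`"Unit: second"`) tells an administrator about the range or the trade-off. Presumably this value is how long a completed MFA check stays valid, in which case a long TTL is also how long a taken-over session can skip re-verification. I would document the bound next to the field, e.g. `# Upper bound 10 h: fewer MFA prompts, but a longer reuse window if a session is hijacked`, and consider stating the allowed range in the help text. The serializer class body starts and ends outside this hunk.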
--- a/apps/users/models/user.py
+++ b/apps/users/models/user.py
@@ -472,6 +472,7 @@ class MFAMixin:
 (2, _("Force enable")),
 )
 is_org_admin: bool
+ username: str
 @property
 def mfa_enabled(self):