diff --git a/apps/jumpserver/conf.py b/apps/jumpserver/conf.py index 8af9c9a6d..bc08e0bf2 100644 --- a/apps/jumpserver/conf.py +++ b/apps/jumpserver/conf.py @@ -277,6 +277,7 @@ class Config(dict): 'AUTH_LDAP_START_TLS': False, 'AUTH_LDAP_USER_ATTR_MAP': {"username": "cn", "name": "sn", "email": "mail"}, 'AUTH_LDAP_CONNECT_TIMEOUT': 10, + 'AUTH_LDAP_CACHE_TIMEOUT': 3600 * 24 * 30, 'AUTH_LDAP_SEARCH_PAGED_SIZE': 1000, 'AUTH_LDAP_SYNC_IS_PERIODIC': False, 'AUTH_LDAP_SYNC_INTERVAL': None, diff --git a/apps/jumpserver/settings/auth.py b/apps/jumpserver/settings/auth.py index 4e4badcfc..60d2aeab8 100644 --- a/apps/jumpserver/settings/auth.py +++ b/apps/jumpserver/settings/auth.py @@ -42,7 +42,7 @@ AUTH_LDAP_CONNECTION_OPTIONS = { ldap.OPT_TIMEOUT: CONFIG.AUTH_LDAP_CONNECT_TIMEOUT, ldap.OPT_NETWORK_TIMEOUT: CONFIG.AUTH_LDAP_CONNECT_TIMEOUT } -AUTH_LDAP_CACHE_TIMEOUT = 1 +AUTH_LDAP_CACHE_TIMEOUT = CONFIG.AUTH_LDAP_CACHE_TIMEOUT AUTH_LDAP_ALWAYS_UPDATE_USER = True AUTH_LDAP_SEARCH_PAGED_SIZE = CONFIG.AUTH_LDAP_SEARCH_PAGED_SIZE diff --git a/apps/locale/ja/LC_MESSAGES/django.mo b/apps/locale/ja/LC_MESSAGES/django.mo index 0f1ef3780..ec43e0852 100644 --- a/apps/locale/ja/LC_MESSAGES/django.mo +++ b/apps/locale/ja/LC_MESSAGES/django.mo @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:dc970795864d73bc77baf03cb771b26d4f095ec7e6a7be915ec6387130ef5ccd -size 176770 +oid sha256:fb95f4b9ba9c3b40c187a65481f7c19f7bc8039f669a34af7d5ae95e53643108 +size 177197 diff --git a/apps/locale/ja/LC_MESSAGES/django.po b/apps/locale/ja/LC_MESSAGES/django.po index c02c19988..dc7212451 100644 --- a/apps/locale/ja/LC_MESSAGES/django.po +++ b/apps/locale/ja/LC_MESSAGES/django.po @@ -8,7 +8,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2024-04-09 15:39+0800\n" +"POT-Creation-Date: 2024-04-09 19:54+0800\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: FULL NAME \n" "Language-Team: LANGUAGE \n" @@ -469,7 +469,7 @@ msgstr "SSHキープッシュ方式" #: accounts/models/automations/gather_account.py:58 #: accounts/serializers/account/backup.py:41 #: accounts/serializers/automations/change_secret.py:58 -#: settings/serializers/auth/ldap.py:81 +#: settings/serializers/auth/ldap.py:90 msgid "Recipient" msgstr "受信者" @@ -3372,7 +3372,7 @@ msgstr "コードエラー" #: authentication/templates/authentication/_msg_reset_password_code.html:9 #: authentication/templates/authentication/_msg_rest_password_success.html:2 #: authentication/templates/authentication/_msg_rest_public_key_success.html:2 -#: jumpserver/conf.py:464 +#: jumpserver/conf.py:465 #: perms/templates/perms/_msg_item_permissions_expire.html:3 #: perms/templates/perms/_msg_permed_items_expire.html:3 #: tickets/templates/tickets/approve_check_password.html:32 @@ -4020,16 +4020,16 @@ msgstr "特殊文字を含むべきではない" msgid "The mobile phone number format is incorrect" msgstr "携帯電話番号の形式が正しくありません" -#: jumpserver/conf.py:458 +#: jumpserver/conf.py:459 #, python-brace-format msgid "The verification code is: {code}" msgstr "認証コードは: {code}" -#: jumpserver/conf.py:463 +#: jumpserver/conf.py:464 msgid "Create account successfully" msgstr "アカウントを正常に作成" -#: jumpserver/conf.py:465 +#: jumpserver/conf.py:466 msgid "Your account has been created successfully" msgstr "アカウントが正常に作成されました" @@ -4202,7 +4202,7 @@ msgstr "ファイルキーこのフィールドは必須です" msgid "This file can not be delete" msgstr "このファイルを削除できません" -#: ops/apps.py:9 ops/notifications.py:17 rbac/tree.py:57 +#: ops/apps.py:9 ops/notifications.py:18 rbac/tree.py:57 msgid "App ops" msgstr "アプリ操作" @@ -4440,30 +4440,30 @@ msgstr "创建方式" msgid "VCS URL" msgstr "VCS URL" -#: ops/notifications.py:18 +#: ops/notifications.py:19 msgid "Server performance" msgstr "サーバーのパフォーマンス" -#: ops/notifications.py:24 +#: ops/notifications.py:25 msgid "Terminal health check warning" msgstr "ターミナルヘルスチェックの警告" -#: ops/notifications.py:69 +#: ops/notifications.py:70 #, python-brace-format msgid "The terminal is offline: {name}" msgstr "ターミナルはオフラインです: {name}" -#: ops/notifications.py:74 +#: ops/notifications.py:75 #, python-brace-format msgid "Disk used more than {max_threshold}%: => {value}" msgstr "{max_threshold}%: => {value} を超えるディスクを使用" -#: ops/notifications.py:79 +#: ops/notifications.py:80 #, python-brace-format msgid "Memory used more than {max_threshold}%: => {value}" msgstr "{max_threshold}%: => {value} を超える使用メモリ" -#: ops/notifications.py:84 +#: ops/notifications.py:85 #, python-brace-format msgid "CPU load more than {max_threshold}: => {value}" msgstr "{max_threshold} を超えるCPUロード: => {value}" @@ -5225,11 +5225,21 @@ msgstr "" msgid "Connect timeout (s)" msgstr "接続タイムアウト (秒)" -#: settings/serializers/auth/ldap.py:79 +#: settings/serializers/auth/ldap.py:82 +msgid "User DN cache timeout (s)" +msgstr "User DN キャッシュの有効期限 (秒)" + +#: settings/serializers/auth/ldap.py:84 +msgid "" +"Caching the User DN obtained during user login authentication can " +"effectivelyimprove the speed of user authentication., 0 means no cache" +msgstr "ユーザーログイン認証時に取得したユーザー DN をキャッシュすることで、ユーザー認証の速度を効果的に向上させることができます" + +#: settings/serializers/auth/ldap.py:88 msgid "Search paged size (piece)" msgstr "ページサイズを検索 (じょう)" -#: settings/serializers/auth/ldap.py:84 +#: settings/serializers/auth/ldap.py:93 msgid "Enable LDAP auth" msgstr "LDAP認証の有効化" diff --git a/apps/locale/zh/LC_MESSAGES/django.mo b/apps/locale/zh/LC_MESSAGES/django.mo index 44d2308af..62eb9eec4 100644 --- a/apps/locale/zh/LC_MESSAGES/django.mo +++ b/apps/locale/zh/LC_MESSAGES/django.mo @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:004b344b0cb837c9b043d956bf0cfa3357f4f38d0213a4319b20c141e2a3a329 -size 144651 +oid sha256:6f6656001387bf98569a93f668d5fa6d16dd462a329f79663c90e7b870e21a00 +size 145003 diff --git a/apps/locale/zh/LC_MESSAGES/django.po b/apps/locale/zh/LC_MESSAGES/django.po index 97a976f1c..edae54cd6 100644 --- a/apps/locale/zh/LC_MESSAGES/django.po +++ b/apps/locale/zh/LC_MESSAGES/django.po @@ -7,7 +7,7 @@ msgid "" msgstr "" "Project-Id-Version: JumpServer 0.3.3\n" "Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2024-04-09 15:39+0800\n" +"POT-Creation-Date: 2024-04-09 19:54+0800\n" "PO-Revision-Date: 2021-05-20 10:54+0800\n" "Last-Translator: ibuler \n" "Language-Team: JumpServer team\n" @@ -468,7 +468,7 @@ msgstr "SSH 密钥推送方式" #: accounts/models/automations/gather_account.py:58 #: accounts/serializers/account/backup.py:41 #: accounts/serializers/automations/change_secret.py:58 -#: settings/serializers/auth/ldap.py:81 +#: settings/serializers/auth/ldap.py:90 msgid "Recipient" msgstr "收件人" @@ -3338,7 +3338,7 @@ msgstr "代码错误" #: authentication/templates/authentication/_msg_reset_password_code.html:9 #: authentication/templates/authentication/_msg_rest_password_success.html:2 #: authentication/templates/authentication/_msg_rest_public_key_success.html:2 -#: jumpserver/conf.py:464 +#: jumpserver/conf.py:465 #: perms/templates/perms/_msg_item_permissions_expire.html:3 #: perms/templates/perms/_msg_permed_items_expire.html:3 #: tickets/templates/tickets/approve_check_password.html:32 @@ -3974,16 +3974,16 @@ msgstr "不能包含特殊字符" msgid "The mobile phone number format is incorrect" msgstr "手机号格式不正确" -#: jumpserver/conf.py:458 +#: jumpserver/conf.py:459 #, python-brace-format msgid "The verification code is: {code}" msgstr "验证码为: {code}" -#: jumpserver/conf.py:463 +#: jumpserver/conf.py:464 msgid "Create account successfully" msgstr "创建账号成功" -#: jumpserver/conf.py:465 +#: jumpserver/conf.py:466 msgid "Your account has been created successfully" msgstr "你的账号已创建成功" @@ -4146,7 +4146,7 @@ msgstr "文件密钥该字段是必填项。" msgid "This file can not be delete" msgstr "无法删除此文件" -#: ops/apps.py:9 ops/notifications.py:17 rbac/tree.py:57 +#: ops/apps.py:9 ops/notifications.py:18 rbac/tree.py:57 msgid "App ops" msgstr "作业中心" @@ -4384,30 +4384,30 @@ msgstr "创建方式" msgid "VCS URL" msgstr "VCS URL" -#: ops/notifications.py:18 +#: ops/notifications.py:19 msgid "Server performance" msgstr "监控告警" -#: ops/notifications.py:24 +#: ops/notifications.py:25 msgid "Terminal health check warning" msgstr "终端健康状况检查警告" -#: ops/notifications.py:69 +#: ops/notifications.py:70 #, python-brace-format msgid "The terminal is offline: {name}" msgstr "终端已离线: {name}" -#: ops/notifications.py:74 +#: ops/notifications.py:75 #, python-brace-format msgid "Disk used more than {max_threshold}%: => {value}" msgstr "硬盘使用率超过 {max_threshold}%: => {value}" -#: ops/notifications.py:79 +#: ops/notifications.py:80 #, python-brace-format msgid "Memory used more than {max_threshold}%: => {value}" msgstr "内存使用率超过 {max_threshold}%: => {value}" -#: ops/notifications.py:84 +#: ops/notifications.py:85 #, python-brace-format msgid "CPU load more than {max_threshold}: => {value}" msgstr "CPU 使用率超过 {max_threshold}: => {value}" @@ -5165,11 +5165,21 @@ msgstr "" msgid "Connect timeout (s)" msgstr "连接超时时间 (秒)" -#: settings/serializers/auth/ldap.py:79 +#: settings/serializers/auth/ldap.py:82 +msgid "User DN cache timeout (s)" +msgstr "User DN 缓存超时时间 (秒)" + +#: settings/serializers/auth/ldap.py:84 +msgid "" +"Caching the User DN obtained during user login authentication can " +"effectivelyimprove the speed of user authentication., 0 means no cache" +msgstr "对用户登录认证时查询出的 User DN 进行缓存,可以有效提高用户认证的速度" + +#: settings/serializers/auth/ldap.py:88 msgid "Search paged size (piece)" msgstr "搜索分页数量 (条)" -#: settings/serializers/auth/ldap.py:84 +#: settings/serializers/auth/ldap.py:93 msgid "Enable LDAP auth" msgstr "启用 LDAP 认证" diff --git a/apps/locale/zh_Hant/LC_MESSAGES/django.mo b/apps/locale/zh_Hant/LC_MESSAGES/django.mo index 3d2d2e61b..58febfcc3 100644 --- a/apps/locale/zh_Hant/LC_MESSAGES/django.mo +++ b/apps/locale/zh_Hant/LC_MESSAGES/django.mo @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:e9d6c38abd39ee75354acd8c9779542f5431aad189f0784828cc7fefe56e6163 -size 144754 +oid sha256:f03f5ea39632dc901af76222a14a2a1ce4d2c9899534c9134352b4c66feed525 +size 145108 diff --git a/apps/locale/zh_Hant/LC_MESSAGES/django.po b/apps/locale/zh_Hant/LC_MESSAGES/django.po index f9916be66..960d68700 100644 --- a/apps/locale/zh_Hant/LC_MESSAGES/django.po +++ b/apps/locale/zh_Hant/LC_MESSAGES/django.po @@ -7,7 +7,7 @@ msgid "" msgstr "" "Project-Id-Version: JumpServer 0.3.3\n" "Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2024-04-09 15:47+0800\n" +"POT-Creation-Date: 2024-04-09 19:54+0800\n" "PO-Revision-Date: 2021-05-20 10:54+0800\n" "Last-Translator: ibuler \n" "Language-Team: JumpServer team\n" @@ -470,7 +470,7 @@ msgstr "SSH 金鑰推送方式" #: accounts/models/automations/gather_account.py:58 #: accounts/serializers/account/backup.py:41 #: accounts/serializers/automations/change_secret.py:58 -#: settings/serializers/auth/ldap.py:81 +#: settings/serializers/auth/ldap.py:90 msgid "Recipient" msgstr "收件人" @@ -3340,7 +3340,7 @@ msgstr "代碼錯誤" #: authentication/templates/authentication/_msg_reset_password_code.html:9 #: authentication/templates/authentication/_msg_rest_password_success.html:2 #: authentication/templates/authentication/_msg_rest_public_key_success.html:2 -#: jumpserver/conf.py:464 +#: jumpserver/conf.py:465 #: perms/templates/perms/_msg_item_permissions_expire.html:3 #: perms/templates/perms/_msg_permed_items_expire.html:3 #: tickets/templates/tickets/approve_check_password.html:32 @@ -3976,16 +3976,16 @@ msgstr "不能包含特殊字元" msgid "The mobile phone number format is incorrect" msgstr "手機號碼格式不正確" -#: jumpserver/conf.py:458 +#: jumpserver/conf.py:459 #, python-brace-format msgid "The verification code is: {code}" msgstr "驗證碼為: {code}" -#: jumpserver/conf.py:463 +#: jumpserver/conf.py:464 msgid "Create account successfully" msgstr "創建帳號成功" -#: jumpserver/conf.py:465 +#: jumpserver/conf.py:466 msgid "Your account has been created successfully" msgstr "你的帳號已創建成功" @@ -4147,7 +4147,7 @@ msgstr "文件金鑰該欄位是必填項。" msgid "This file can not be delete" msgstr "無法刪除此文件" -#: ops/apps.py:9 ops/notifications.py:17 rbac/tree.py:57 +#: ops/apps.py:9 ops/notifications.py:18 rbac/tree.py:57 msgid "App ops" msgstr "作業中心" @@ -4385,30 +4385,30 @@ msgstr "創建方式" msgid "VCS URL" msgstr "VCS URL" -#: ops/notifications.py:18 +#: ops/notifications.py:19 msgid "Server performance" msgstr "監控告警" -#: ops/notifications.py:24 +#: ops/notifications.py:25 msgid "Terminal health check warning" msgstr "終端健康狀況檢查警告" -#: ops/notifications.py:69 +#: ops/notifications.py:70 #, python-brace-format msgid "The terminal is offline: {name}" msgstr "終端已離線: {name}" -#: ops/notifications.py:74 +#: ops/notifications.py:75 #, python-brace-format msgid "Disk used more than {max_threshold}%: => {value}" msgstr "硬碟使用率超過 {max_threshold}%: => {value}" -#: ops/notifications.py:79 +#: ops/notifications.py:80 #, python-brace-format msgid "Memory used more than {max_threshold}%: => {value}" msgstr "記憶體使用率超過 {max_threshold}%: => {value}" -#: ops/notifications.py:84 +#: ops/notifications.py:85 #, python-brace-format msgid "CPU load more than {max_threshold}: => {value}" msgstr "CPU 使用率超過 {max_threshold}: => {value}" @@ -5166,11 +5166,21 @@ msgstr "" msgid "Connect timeout (s)" msgstr "連接超時時間 (秒)" -#: settings/serializers/auth/ldap.py:79 +#: settings/serializers/auth/ldap.py:82 +msgid "User DN cache timeout (s)" +msgstr "快取逾時時間 (秒)" + +#: settings/serializers/auth/ldap.py:84 +msgid "" +"Caching the User DN obtained during user login authentication can " +"effectivelyimprove the speed of user authentication., 0 means no cache" +msgstr "對於使用者登錄認證時查詢的使用者 DN 進行快取,可以有效提高使用者認證的速度" + +#: settings/serializers/auth/ldap.py:88 msgid "Search paged size (piece)" msgstr "搜索分頁數量 (條)" -#: settings/serializers/auth/ldap.py:84 +#: settings/serializers/auth/ldap.py:93 msgid "Enable LDAP auth" msgstr "啟用 LDAP 認證" diff --git a/apps/settings/serializers/auth/ldap.py b/apps/settings/serializers/auth/ldap.py index a79c0081f..4229e1251 100644 --- a/apps/settings/serializers/auth/ldap.py +++ b/apps/settings/serializers/auth/ldap.py @@ -76,6 +76,15 @@ class LDAPSettingSerializer(serializers.Serializer): min_value=1, max_value=300, required=False, label=_('Connect timeout (s)'), ) + AUTH_LDAP_CACHE_TIMEOUT = serializers.IntegerField( + min_value=0, max_value=3600 * 24 * 30 * 12, + default=3600 * 24 * 30, + required=False, label=_('User DN cache timeout (s)'), + help_text=_( + 'Caching the User DN obtained during user login authentication can effectively' + 'improve the speed of user authentication., 0 means no cache' + ) + ) AUTH_LDAP_SEARCH_PAGED_SIZE = serializers.IntegerField(required=False, label=_('Search paged size (piece)')) AUTH_LDAP_SYNC_RECEIVERS = serializers.ListField( required=False, label=_('Recipient'), max_length=36