github/jumpserver
1
0
Fork 0
mirror of https://github.com/jumpserver/jumpserver.git synced 2025-09-10 20:00:10 +00:00
Code Issues Projects Releases Wiki Activity

fix: Password reset is only required for AUTH_BACKEND_MODEL

Browse Source
This commit is contained in:
wangruidong
2024-10-23 10:53:29 +08:00
committed by Bryan
parent 0918f5c6f6
commit 6686afcec1
2 changed files with 25 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
apps/authentication/mixins.py
View File

@@ -319,20 +319,26 @@ class AuthPostCheckMixin:
@classmethod
def _check_passwd_is_too_simple(cls, user: User, password):
if user.is_superuser and password == 'admin':
if not user.is_auth_backend_model():
return
if user.check_passwd_too_simple(password):
message = _('Your password is too simple, please change it for security')
url = cls.generate_reset_password_url_with_flash_msg(user, message=message)
raise errors.PasswordTooSimple(url)
@classmethod
def _check_passwd_need_update(cls, user: User):
if user.need_update_password:
if not user.is_auth_backend_model():
return
if user.check_need_update_password():
message = _('You should to change your password before login')
url = cls.generate_reset_password_url_with_flash_msg(user, message)
raise errors.PasswordNeedUpdate(url)
@classmethod
def _check_password_require_reset_or_not(cls, user: User):
if not user.is_auth_backend_model():
return
if user.password_has_expired:
message = _('Your password has expired, please reset before logging in')
url = cls.generate_reset_password_url_with_flash_msg(user, message)