diff --git a/apps/authentication/backends/custom.py b/apps/authentication/backends/custom.py index d6e9cc018..d0b309b83 100644 --- a/apps/authentication/backends/custom.py +++ b/apps/authentication/backends/custom.py @@ -17,6 +17,8 @@ class CustomAuthBackend(JMSModelBackend): return import_string(self.custom_auth_method_path) def is_enabled(self): + if not settings.AUTH_CUSTOM: + return False try: self.load_authenticate_method() except Exception as e: diff --git a/apps/jumpserver/conf.py b/apps/jumpserver/conf.py index 7b26b4ee2..c0aa257ee 100644 --- a/apps/jumpserver/conf.py +++ b/apps/jumpserver/conf.py @@ -224,6 +224,8 @@ class Config(dict): 'CONNECTION_TOKEN_EXPIRATION': 5 * 60, # Custom Config + 'AUTH_CUSTOM': False, + # Auth LDAP settings 'AUTH_LDAP': False, 'AUTH_LDAP_SERVER_URI': 'ldap://localhost:389', diff --git a/apps/jumpserver/settings/auth.py b/apps/jumpserver/settings/auth.py index 4e1e63ad8..099b91de7 100644 --- a/apps/jumpserver/settings/auth.py +++ b/apps/jumpserver/settings/auth.py @@ -2,7 +2,6 @@ # import os import ldap -from django.utils.translation import ugettext_lazy as _ from ..const import CONFIG, PROJECT_DIR, BASE_DIR @@ -197,7 +196,6 @@ AUTH_BACKEND_OAUTH2 = 'authentication.backends.oauth2.OAuth2Backend' AUTH_BACKEND_TEMP_TOKEN = 'authentication.backends.token.TempTokenAuthBackend' AUTH_BACKEND_CUSTOM = 'authentication.backends.custom.CustomAuthBackend' - AUTHENTICATION_BACKENDS = [ # 只做权限校验 RBAC_BACKEND, @@ -210,10 +208,13 @@ AUTHENTICATION_BACKENDS = [ AUTH_BACKEND_WECOM, AUTH_BACKEND_DINGTALK, AUTH_BACKEND_FEISHU, # Token模式 AUTH_BACKEND_AUTH_TOKEN, AUTH_BACKEND_SSO, AUTH_BACKEND_TEMP_TOKEN, - # 自定义模块 - AUTH_BACKEND_CUSTOM ] +AUTH_CUSTOM = CONFIG.AUTH_CUSTOM +if AUTH_CUSTOM: + # 自定义认证模块 + AUTHENTICATION_BACKENDS.append(AUTH_BACKEND_CUSTOM) + AUTHENTICATION_BACKENDS_THIRD_PARTY = [AUTH_BACKEND_OIDC_CODE, AUTH_BACKEND_CAS, AUTH_BACKEND_SAML2, AUTH_BACKEND_OAUTH2] ONLY_ALLOW_EXIST_USER_AUTH = CONFIG.ONLY_ALLOW_EXIST_USER_AUTH ONLY_ALLOW_AUTH_FROM_SOURCE = CONFIG.ONLY_ALLOW_AUTH_FROM_SOURCE