mirror of
https://github.com/jumpserver/jumpserver.git
synced 2025-08-11 19:12:35 +00:00
feat: 支持自定义认证 backend;统一其他认证方式的信号触发逻辑;通过配置文件控制
This commit is contained in:
parent
89051b2c67
commit
8fc5c4cf9e
@ -17,6 +17,8 @@ class CustomAuthBackend(JMSModelBackend):
|
|||||||
return import_string(self.custom_auth_method_path)
|
return import_string(self.custom_auth_method_path)
|
||||||
|
|
||||||
def is_enabled(self):
|
def is_enabled(self):
|
||||||
|
if not settings.AUTH_CUSTOM:
|
||||||
|
return False
|
||||||
try:
|
try:
|
||||||
self.load_authenticate_method()
|
self.load_authenticate_method()
|
||||||
except Exception as e:
|
except Exception as e:
|
||||||
|
@ -224,6 +224,8 @@ class Config(dict):
|
|||||||
'CONNECTION_TOKEN_EXPIRATION': 5 * 60,
|
'CONNECTION_TOKEN_EXPIRATION': 5 * 60,
|
||||||
|
|
||||||
# Custom Config
|
# Custom Config
|
||||||
|
'AUTH_CUSTOM': False,
|
||||||
|
|
||||||
# Auth LDAP settings
|
# Auth LDAP settings
|
||||||
'AUTH_LDAP': False,
|
'AUTH_LDAP': False,
|
||||||
'AUTH_LDAP_SERVER_URI': 'ldap://localhost:389',
|
'AUTH_LDAP_SERVER_URI': 'ldap://localhost:389',
|
||||||
|
@ -2,7 +2,6 @@
|
|||||||
#
|
#
|
||||||
import os
|
import os
|
||||||
import ldap
|
import ldap
|
||||||
from django.utils.translation import ugettext_lazy as _
|
|
||||||
|
|
||||||
from ..const import CONFIG, PROJECT_DIR, BASE_DIR
|
from ..const import CONFIG, PROJECT_DIR, BASE_DIR
|
||||||
|
|
||||||
@ -197,7 +196,6 @@ AUTH_BACKEND_OAUTH2 = 'authentication.backends.oauth2.OAuth2Backend'
|
|||||||
AUTH_BACKEND_TEMP_TOKEN = 'authentication.backends.token.TempTokenAuthBackend'
|
AUTH_BACKEND_TEMP_TOKEN = 'authentication.backends.token.TempTokenAuthBackend'
|
||||||
AUTH_BACKEND_CUSTOM = 'authentication.backends.custom.CustomAuthBackend'
|
AUTH_BACKEND_CUSTOM = 'authentication.backends.custom.CustomAuthBackend'
|
||||||
|
|
||||||
|
|
||||||
AUTHENTICATION_BACKENDS = [
|
AUTHENTICATION_BACKENDS = [
|
||||||
# 只做权限校验
|
# 只做权限校验
|
||||||
RBAC_BACKEND,
|
RBAC_BACKEND,
|
||||||
@ -210,10 +208,13 @@ AUTHENTICATION_BACKENDS = [
|
|||||||
AUTH_BACKEND_WECOM, AUTH_BACKEND_DINGTALK, AUTH_BACKEND_FEISHU,
|
AUTH_BACKEND_WECOM, AUTH_BACKEND_DINGTALK, AUTH_BACKEND_FEISHU,
|
||||||
# Token模式
|
# Token模式
|
||||||
AUTH_BACKEND_AUTH_TOKEN, AUTH_BACKEND_SSO, AUTH_BACKEND_TEMP_TOKEN,
|
AUTH_BACKEND_AUTH_TOKEN, AUTH_BACKEND_SSO, AUTH_BACKEND_TEMP_TOKEN,
|
||||||
# 自定义模块
|
|
||||||
AUTH_BACKEND_CUSTOM
|
|
||||||
]
|
]
|
||||||
|
|
||||||
|
AUTH_CUSTOM = CONFIG.AUTH_CUSTOM
|
||||||
|
if AUTH_CUSTOM:
|
||||||
|
# 自定义认证模块
|
||||||
|
AUTHENTICATION_BACKENDS.append(AUTH_BACKEND_CUSTOM)
|
||||||
|
|
||||||
AUTHENTICATION_BACKENDS_THIRD_PARTY = [AUTH_BACKEND_OIDC_CODE, AUTH_BACKEND_CAS, AUTH_BACKEND_SAML2, AUTH_BACKEND_OAUTH2]
|
AUTHENTICATION_BACKENDS_THIRD_PARTY = [AUTH_BACKEND_OIDC_CODE, AUTH_BACKEND_CAS, AUTH_BACKEND_SAML2, AUTH_BACKEND_OAUTH2]
|
||||||
ONLY_ALLOW_EXIST_USER_AUTH = CONFIG.ONLY_ALLOW_EXIST_USER_AUTH
|
ONLY_ALLOW_EXIST_USER_AUTH = CONFIG.ONLY_ALLOW_EXIST_USER_AUTH
|
||||||
ONLY_ALLOW_AUTH_FROM_SOURCE = CONFIG.ONLY_ALLOW_AUTH_FROM_SOURCE
|
ONLY_ALLOW_AUTH_FROM_SOURCE = CONFIG.ONLY_ALLOW_AUTH_FROM_SOURCE
|
||||||
|
Loading…
Reference in New Issue
Block a user