github/jumpserver
1
0
Fork 0
mirror of https://github.com/jumpserver/jumpserver.git synced 2025-09-10 11:49:10 +00:00
Code Issues Projects Releases Wiki Activity

fix: pubkey auth require svc sign

Browse Source
This commit is contained in:
ibuler
2023-09-25 22:58:12 +08:00
committed by Bryan
parent 1f00c00183
commit 9bde2ff6e1
2 changed files with 41 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
apps/authentication/mixins.py
View File

@@ -424,6 +424,7 @@ class AuthMixin(CommonMixin, AuthPreCheckMixin, AuthACLMixin, MFAMixin, AuthPost
key_prefix_captcha = "_LOGIN_INVALID_{}"
def _check_auth_user_is_valid(self, username, password, public_key):
from common.permissions import ServiceAccountSignaturePermission
user = authenticate(
self.request, username=username,
password=password, public_key=public_key
@@ -431,6 +432,11 @@ class AuthMixin(CommonMixin, AuthPreCheckMixin, AuthACLMixin, MFAMixin, AuthPost
if not user:
self.raise_credential_error(errors.reason_password_failed)
if public_key:
permission = ServiceAccountSignaturePermission()
if not permission.has_permission(self.request, self):
self.raise_credential_error(errors.reason_password_failed)
self.request.session['auth_backend'] = getattr(user, 'backend', settings.AUTH_BACKEND_MODEL)
if user.is_expired: