github/jumpserver
1
0
Fork 0
mirror of https://github.com/jumpserver/jumpserver.git synced 2025-09-02 07:55:16 +00:00
Code Issues Projects Releases Wiki Activity

[Update] 修改登录工单

Browse Source
This commit is contained in:
ibuler
2019-11-08 15:48:01 +08:00
parent 08775551c2
commit f9e41d71dc
27 changed files with 784 additions and 599 deletions
Download Patch File Download Diff File Expand all files Collapse all files

50
apps/authentication/api/login_confirm.py
View File

@@ -4,6 +4,7 @@ from rest_framework.generics import UpdateAPIView
from rest_framework.response import Response
from rest_framework.views import APIView
from django.shortcuts import get_object_or_404
from django.utils.translation import ugettext as _
from common.utils import get_logger, get_object_or_none
from common.permissions import IsOrgAdmin
@@ -11,7 +12,7 @@ from ..models import LoginConfirmSetting
from ..serializers import LoginConfirmSettingSerializer
from .. import errors
__all__ = ['LoginConfirmSettingUpdateApi', 'UserTicketAcceptAuthApi']
__all__ = ['LoginConfirmSettingUpdateApi', 'LoginConfirmTicketStatusApi']
logger = get_logger(__name__)
@@ -30,10 +31,10 @@ class LoginConfirmSettingUpdateApi(UpdateAPIView):
return s
class UserTicketAcceptAuthApi(APIView):
class LoginConfirmTicketStatusApi(APIView):
permission_classes = ()
def get(self, request, *args, **kwargs):
def get_ticket(self):
from tickets.models import LoginConfirmTicket
ticket_id = self.request.session.get("auth_ticket_id")
logger.debug('Login confirm ticket id: {}'.format(ticket_id))
@@ -41,31 +42,32 @@ class UserTicketAcceptAuthApi(APIView):
ticket = None
else:
ticket = get_object_or_none(LoginConfirmTicket, pk=ticket_id)
return ticket
def get(self, request, *args, **kwargs):
ticket_id = self.request.session.get("auth_ticket_id")
ticket = self.get_ticket()
try:
if not ticket:
raise errors.LoginConfirmTicketNotFound(ticket_id)
if ticket.action == LoginConfirmTicket.ACTION_APPROVE:
raise errors.LoginConfirmOtherError(ticket_id, _("not found"))
if ticket.status == 'open':
raise errors.LoginConfirmWaitError(ticket_id)
elif ticket.action == ticket.ACTION_APPROVE:
self.request.session["auth_confirm"] = "1"
return Response({"msg": "ok"})
elif ticket.action == LoginConfirmTicket.ACTION_REJECT:
raise errors.LoginConfirmRejectedError(ticket_id)
elif ticket.action == ticket.ACTION_REJECT:
raise errors.LoginConfirmOtherError(
ticket_id, ticket.get_action_display()
)
else:
raise errors.LoginConfirmWaitError(ticket_id)
raise errors.LoginConfirmOtherError(
ticket_id, ticket.get_status_display()
)
except errors.AuthFailedError as e:
data = e.as_data()
return Response(data, status=400)
return Response(e.as_data(), status=400)
class UserTicketCancelAuthApi(APIView):
permission_classes = ()
def get(self, request, *args, **kwargs):
from tickets.models import LoginConfirmTicket
ticket_id = self.request.session.get("auth_ticket_id")
logger.debug('Login confirm ticket id: {}'.format(ticket_id))
if not ticket_id:
ticket = None
else:
ticket = get_object_or_none(LoginConfirmTicket, pk=ticket_id)
if not ticket:
ticket.status = "close"
def delete(self, request, *args, **kwargs):
ticket = self.get_ticket()
if ticket:
ticket.perform_status('closed', request.user)
return Response('', status=200)

15
apps/authentication/errors.py
View File

@@ -48,8 +48,7 @@ mfa_failed_msg = _("MFA code invalid, or ntp sync server time")
mfa_required_msg = _("MFA required")
login_confirm_required_msg = _("Login confirm required")
login_confirm_wait_msg = _("Wait login confirm ticket for accept")
login_confirm_rejected_msg = _("Login confirm ticket was rejected")
login_confirm_ticket_not_found_msg = _("Ticket not found")
login_confirm_error_msg = _("Login confirm ticket was {}")
class AuthFailedNeedLogMixin:
@@ -174,11 +173,9 @@ class LoginConfirmWaitError(LoginConfirmError):
error = 'login_confirm_wait'
class LoginConfirmRejectedError(LoginConfirmError):
msg = login_confirm_rejected_msg
error = 'login_confirm_rejected'
class LoginConfirmOtherError(LoginConfirmError):
error = 'login_confirm_error'
class LoginConfirmTicketNotFound(LoginConfirmError):
msg = login_confirm_ticket_not_found_msg
error = 'login_confirm_ticket_not_found'
def __init__(self, ticket_id, status):
msg = login_confirm_error_msg.format(status)
super().__init__(ticket_id=ticket_id, msg=msg)

2
apps/authentication/mixins.py
View File

@@ -106,7 +106,7 @@ class AuthMixin:
if ticket.status == "accepted":
return
elif ticket.status == "rejected":
raise errors.LoginConfirmRejectedError(ticket.id)
raise errors.LoginConfirmOtherError(ticket.id)
else:
raise errors.LoginConfirmWaitError(ticket.id)

5
apps/authentication/models.py
View File

@@ -62,12 +62,9 @@ class LoginConfirmSetting(CommonModelMixin):
remote_addr = '127.0.0.1'
body = ''
reviewer = self.reviewers.all()
reviewer_names = ','.join([u.name for u in reviewer])
ticket = LoginConfirmTicket.objects.create(
user=self.user, user_display=str(self.user),
title=title, body=body,
user=self.user, title=title, body=body,
city=city, ip=remote_addr,
assignees_display=reviewer_names,
type=LoginConfirmTicket.TYPE_LOGIN_CONFIRM,
)
ticket.assignees.set(reviewer)

11
apps/authentication/serializers.py
View File

@@ -1,10 +1,10 @@
# -*- coding: utf-8 -*-
#
from django.core.cache import cache
from rest_framework import serializers
from common.utils import get_object_or_none
from users.models import User
from users.serializers import UserProfileSerializer
from .models import AccessKey, LoginConfirmSetting
@@ -26,14 +26,15 @@ class OtpVerifySerializer(serializers.Serializer):
class BearerTokenSerializer(serializers.Serializer):
username = serializers.CharField(allow_null=True, required=False)
username = serializers.CharField(allow_null=True, required=False, write_only=True)
password = serializers.CharField(write_only=True, allow_null=True,
required=False)
required=False, allow_blank=True)
public_key = serializers.CharField(write_only=True, allow_null=True,
required=False)
allow_blank=True, required=False)
token = serializers.CharField(read_only=True)
keyword = serializers.SerializerMethodField()
date_expired = serializers.DateTimeField(read_only=True)
user = UserProfileSerializer(read_only=True)
@staticmethod
def get_keyword(obj):
@@ -52,9 +53,9 @@ class BearerTokenSerializer(serializers.Serializer):
)
token, date_expired = user.create_bearer_token(request)
instance = {
"username": user.username,
"token": token,
"date_expired": date_expired,
"user": user
}
return instance

2
apps/authentication/templates/authentication/login_wait_confirm.html
View File

@@ -73,7 +73,7 @@ var infoMsgRef = $(".info-messages");
var timestamp = '{{ timestamp }}';
var progressBarRef = $(".progress-bar");
var interval, checkInterval;
var url = "{% url 'api-auth:user-order-auth' %}";
var url = "{% url 'api-auth:login-confirm-ticket-status' %}";
var successUrl = "{% url 'authentication:login-guard' %}";
function doRequestAuth() {

2
apps/authentication/urls/api_urls.py
View File

@@ -18,7 +18,7 @@ urlpatterns = [
path('connection-token/',
api.UserConnectionTokenApi.as_view(), name='connection-token'),
path('otp/verify/', api.UserOtpVerifyApi.as_view(), name='user-otp-verify'),
path('order/auth/', api.UserTicketAcceptAuthApi.as_view(), name='user-order-auth'),
path('login-confirm-ticket/status/', api.LoginConfirmTicketStatusApi.as_view(), name='login-confirm-ticket-status'),
path('login-confirm-settings/<uuid:user_id>/', api.LoginConfirmSettingUpdateApi.as_view(), name='login-confirm-setting-update')
]