mirror of
https://github.com/jumpserver/jumpserver.git
synced 2025-08-13 20:06:20 +00:00
edfca5eb24
* perf: 优化 suggesstion * perf: 修改 migrations * feat: 添加OIDC认证逻辑 * perf: 修改 backend * perf: 优化认证backends * perf: 优化认证backends * perf: 优化CAS认证, 用户多域名进行访问时回调到各自域名 Co-authored-by: ibuler <ibuler@qq.com>
38 lines
1.1 KiB
Python
38 lines
1.1 KiB
Python
# -*- coding: utf-8 -*-
|
|
#
|
|
from django.contrib.auth import get_user_model
|
|
from django.conf import settings
|
|
|
|
from .base import JMSBaseAuthBackend
|
|
|
|
UserModel = get_user_model()
|
|
|
|
__all__ = ['PublicKeyAuthBackend']
|
|
|
|
|
|
class PublicKeyAuthBackend(JMSBaseAuthBackend):
|
|
@staticmethod
|
|
def is_enabled():
|
|
return settings.TERMINAL_PUBLIC_KEY_AUTH
|
|
|
|
def authenticate(self, request, username=None, public_key=None, **kwargs):
|
|
if not public_key:
|
|
return None
|
|
if username is None:
|
|
username = kwargs.get(UserModel.USERNAME_FIELD)
|
|
try:
|
|
user = UserModel._default_manager.get_by_natural_key(username)
|
|
except UserModel.DoesNotExist:
|
|
return None
|
|
else:
|
|
if user.check_public_key(public_key) and \
|
|
self.user_can_authenticate(user):
|
|
return user
|
|
|
|
def get_user(self, user_id):
|
|
try:
|
|
user = UserModel._default_manager.get(pk=user_id)
|
|
except UserModel.DoesNotExist:
|
|
return None
|
|
return user if self.user_can_authenticate(user) else None
|