inventree/InvenTree
2
0
Fork 0
mirror of https://github.com/inventree/InvenTree.git synced 2025-11-04 07:05:41 +00:00
Code Activity

Allauth settings update (#6830)

Browse Source 
* Allauth settings updates:

- Ref: https://docs.allauth.org/en/latest/account/rate_limits.html
- Auto-detect protocol if SITE_URL is provided
- Update rate limit setting definition
- Removed "deprecation warning" in logs

* Update docs

* Adjust default value for login attempt rate limit

Ref: https://docs.allauth.org/en/latest/account/rate_limits.html#rate-limits

* Fix format
This commit is contained in:
Oliver
2024-03-24 16:18:53 +11:00
committed by GitHub
parent 2ab94141ea
commit a18a7af881
2 changed files with 28 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

28
InvenTree/InvenTree/settings.py
View File

@@ -1130,12 +1130,32 @@ SOCIALACCOUNT_OPENID_CONNECT_URL_PREFIX = ''
ACCOUNT_EMAIL_CONFIRMATION_EXPIRE_DAYS = get_setting( ACCOUNT_EMAIL_CONFIRMATION_EXPIRE_DAYS = get_setting(
'INVENTREE_LOGIN_CONFIRM_DAYS', 'login_confirm_days', 3, typecast=int 'INVENTREE_LOGIN_CONFIRM_DAYS', 'login_confirm_days', 3, typecast=int
) )
ACCOUNT_LOGIN_ATTEMPTS_LIMIT = get_setting(
'INVENTREE_LOGIN_ATTEMPTS', 'login_attempts', 5, typecast=int # allauth rate limiting: https://docs.allauth.org/en/latest/account/rate_limits.html
) # The default login rate limit is "5/m/user,5/m/ip,5/m/key"
login_attempts = get_setting('INVENTREE_LOGIN_ATTEMPTS', 'login_attempts', 5)
try:
login_attempts = int(login_attempts)
login_attempts = f'{login_attempts}/m/ip,{login_attempts}/m/key'
except ValueError:
pass
ACCOUNT_RATE_LIMITS = {'login_failed': login_attempts}
# Default protocol for login
ACCOUNT_DEFAULT_HTTP_PROTOCOL = get_setting( ACCOUNT_DEFAULT_HTTP_PROTOCOL = get_setting(
'INVENTREE_LOGIN_DEFAULT_HTTP_PROTOCOL', 'login_default_protocol', 'http' 'INVENTREE_LOGIN_DEFAULT_HTTP_PROTOCOL', 'login_default_protocol', None
) )
if ACCOUNT_DEFAULT_HTTP_PROTOCOL is None:
if SITE_URL and SITE_URL.startswith('https://'):
# auto-detect HTTPS prtoocol
ACCOUNT_DEFAULT_HTTP_PROTOCOL = 'https'
else:
# default to http
ACCOUNT_DEFAULT_HTTP_PROTOCOL = 'http'
ACCOUNT_LOGOUT_ON_PASSWORD_CHANGE = True ACCOUNT_LOGOUT_ON_PASSWORD_CHANGE = True
ACCOUNT_PREVENT_ENUMERATION = True ACCOUNT_PREVENT_ENUMERATION = True
ACCOUNT_EMAIL_SUBJECT_PREFIX = EMAIL_SUBJECT_PREFIX ACCOUNT_EMAIL_SUBJECT_PREFIX = EMAIL_SUBJECT_PREFIX

5
docs/docs/start/config.md
View File

@@ -292,7 +292,10 @@ The login-experience can be altered with the following settings:
| --- | --- | --- | --- | | --- | --- | --- | --- |
| INVENTREE_LOGIN_CONFIRM_DAYS | login_confirm_days | Duration for which confirmation links are valid | 3 | | INVENTREE_LOGIN_CONFIRM_DAYS | login_confirm_days | Duration for which confirmation links are valid | 3 |
| INVENTREE_LOGIN_ATTEMPTS | login_attempts | Count of allowed login attempts before blocking user | 5 | | INVENTREE_LOGIN_ATTEMPTS | login_attempts | Count of allowed login attempts before blocking user | 5 |
| INVENTREE_LOGIN_DEFAULT_HTTP_PROTOCOL | login_default_protocol | Default protocol to use for login callbacks (e.g. using [SSO](#single-sign-on)) | http | | INVENTREE_LOGIN_DEFAULT_HTTP_PROTOCOL | login_default_protocol | Default protocol to use for login callbacks (e.g. using [SSO](#single-sign-on)) | Uses the protocol specified in `INVENTREE_SITE_URL`, or defaults to *http* |
!!! tip "Default Protocol"
If you have specified `INVENTREE_SITE_URL`, the default protocol will be used from that setting. Otherwise, the default protocol will be *http*.
### Authentication Backends ### Authentication Backends