inventree/InvenTree
2
0
Fork 0
mirror of https://github.com/inventree/InvenTree.git synced 2025-06-18 04:55:44 +00:00
Code Activity

Re-implement auth flow using new APIs; adds MFA to PUI

Browse Source
This commit is contained in:
Matthias Mair
2024-12-26 17:42:36 +01:00
parent 7334dc446a
commit e3c8b89b67
9 changed files with 127 additions and 23 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
src/backend/InvenTree/InvenTree/auth_overrides.py
View File

@ -11,12 +11,14 @@ from django.utils.translation import gettext_lazy as _
from allauth.account.adapter import DefaultAccountAdapter
from allauth.account.forms import LoginForm, SignupForm, set_form_field_order
from allauth.headless.tokens.sessions import SessionTokenStrategy
from allauth.socialaccount.adapter import DefaultSocialAccountAdapter
import InvenTree.helpers_model
import InvenTree.sso
from common.settings import get_global_setting
from InvenTree.exceptions import log_error
from users.models import ApiToken
logger = logging.getLogger('inventree')
@ -219,3 +221,12 @@ class CustomSocialAccountAdapter(
# Log the error to the database
log_error(path, error_name=error, error_data=exception)
logger.error("SSO error for provider '%s' - check admin error log", provider_id)
class DRFTokenStrategy(SessionTokenStrategy):
"""Strategy that InvenTrees own included Token model."""
def create_access_token(self, request):
"""Create a new access token for the user."""
token, _ = ApiToken.objects.get_or_create(user=request.user)
return token.key

5
src/backend/InvenTree/InvenTree/settings.py
View File

@ -20,6 +20,7 @@ from django.core.validators import URLValidator
from django.http import Http404
import structlog
from corsheaders.defaults import default_headers
from dotenv import load_dotenv
from zoneinfo import ZoneInfo, ZoneInfoNotFoundError
@ -1165,6 +1166,9 @@ USE_X_FORWARDED_PORT = get_boolean_setting(
# Refer to the django-cors-headers documentation for more information
# Ref: https://github.com/adamchainz/django-cors-headers
CORS_ALLOW_HEADERS = (*default_headers, 'x-session-token')
# Extract CORS options from configuration file
CORS_ALLOW_ALL_ORIGINS = get_boolean_setting(
'INVENTREE_CORS_ORIGIN_ALLOW_ALL', config_key='cors.allow_all', default_value=DEBUG
@ -1290,6 +1294,7 @@ HEADLESS_FRONTEND_URLS = {
'account_signup': 'https://app.org/account/signup',
}
HEADLESS_ONLY = True
HEADLESS_TOKEN_STRATEGY = 'InvenTree.auth_overrides.DRFTokenStrategy'
MFA_ENABLED = get_boolean_setting('INVENTREE_MFA_ENABLED', 'mfa_enabled', True)
# Markdownify configuration