inventree/InvenTree
2
0
Fork 0
mirror of https://github.com/inventree/InvenTree.git synced 2026-02-02 03:14:56 +00:00
Code Activity

refactor(backend): SSO registration cleanup (#11239)

Browse Source 
* add more debugging and remove possible problematic inheritance

* remove unused functions

* remove extra conversion

* ensure cirrect type is used

---------

Co-authored-by: Oliver <oliver.henry.walters@gmail.com>
This commit is contained in:
Matthias Mair
2026-02-02 03:14:06 +01:00
committed by GitHub
parent e1a45ec289
commit e6077565c5
4 changed files with 15 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
docs/docs/settings/error_codes.md
View File

@@ -192,6 +192,13 @@ Therefore the registration user interface elements will not be shown.
To enable registration, the email settings must be configured correctly. See [email configuration](../start/config.md#email-settings). To enable registration, the email settings must be configured correctly. See [email configuration](../start/config.md#email-settings).
#### INVE-W12
**Signup attempt blocked because registration is disabled - Backend**
A user attempted to sign up but registration is currently disabled via the system settings. This is to prevent unauthorized or unwanted user registrations.
To enable registration, adjust the relevant settings (for regular or SSO registration) to allow user signups.
### INVE-I (InvenTree Information) ### INVE-I (InvenTree Information)
Information — These are not errors but information messages. They might point out potential issues or just provide information. Information — These are not errors but information messages. They might point out potential issues or just provide information.

5
src/backend/InvenTree/InvenTree/api.py
View File

@@ -29,7 +29,6 @@ from common.settings import get_global_setting
from InvenTree import helpers, ready from InvenTree import helpers, ready
from InvenTree.auth_overrides import registration_enabled from InvenTree.auth_overrides import registration_enabled
from InvenTree.mixins import ListCreateAPI from InvenTree.mixins import ListCreateAPI
from InvenTree.sso import sso_registration_enabled
from plugin.serializers import MetadataSerializer from plugin.serializers import MetadataSerializer
from users.models import ApiToken from users.models import ApiToken
from users.permissions import check_user_permission, prefetch_rule_sets from users.permissions import check_user_permission, prefetch_rule_sets
@@ -326,8 +325,8 @@ class InfoView(APIView):
if (is_staff and settings.INVENTREE_ADMIN_ENABLED) if (is_staff and settings.INVENTREE_ADMIN_ENABLED)
else None, else None,
'settings': { 'settings': {
'sso_registration': sso_registration_enabled(), 'sso_registration': registration_enabled('LOGIN_ENABLE_SSO_REG'),
'registration_enabled': registration_enabled(), 'registration_enabled': registration_enabled('LOGIN_ENABLE_REG'),
'password_forgotten_enabled': get_global_setting( 'password_forgotten_enabled': get_global_setting(
'LOGIN_ENABLE_PWD_FORGOT' 'LOGIN_ENABLE_PWD_FORGOT'
), ),

8
src/backend/InvenTree/InvenTree/auth_overrides.py
View File

@@ -19,6 +19,7 @@ from allauth.socialaccount.adapter import DefaultSocialAccountAdapter
from common.settings import get_global_setting from common.settings import get_global_setting
from InvenTree.exceptions import log_error from InvenTree.exceptions import log_error
from .helpers import str2bool
from .helpers_email import is_email_configured from .helpers_email import is_email_configured
logger = structlog.get_logger('inventree') logger = structlog.get_logger('inventree')
@@ -91,7 +92,7 @@ RegistrationKeys = Literal['LOGIN_ENABLE_REG', 'LOGIN_ENABLE_SSO_REG']
def registration_enabled(setting_name: RegistrationKeys = 'LOGIN_ENABLE_REG'): def registration_enabled(setting_name: RegistrationKeys = 'LOGIN_ENABLE_REG'):
"""Determine whether user registration is enabled.""" """Determine whether user registration is enabled."""
if get_global_setting(setting_name): if str2bool(get_global_setting(setting_name)):
if is_email_configured(): if is_email_configured():
return True return True
else: else:
@@ -112,7 +113,10 @@ class RegistrationMixin:
Configure the class variable `REGISTRATION_SETTING` to set which setting should be used, default: `LOGIN_ENABLE_REG`. Configure the class variable `REGISTRATION_SETTING` to set which setting should be used, default: `LOGIN_ENABLE_REG`.
""" """
if registration_enabled(self.REGISTRATION_SETTING): if registration_enabled(self.REGISTRATION_SETTING):
return super().is_open_for_signup(request, *args, **kwargs) return True
logger.warning(
f'INVE-W12: Signup attempt blocked, because registration is disabled via setting {self.REGISTRATION_SETTING}.'
)
return False return False
def clean_email(self, email): def clean_email(self, email):

16
src/backend/InvenTree/InvenTree/sso.py
View File

@@ -10,7 +10,6 @@ import structlog
from allauth.socialaccount.models import SocialAccount, SocialLogin from allauth.socialaccount.models import SocialAccount, SocialLogin
from common.settings import get_global_setting from common.settings import get_global_setting
from InvenTree.helpers import str2bool
logger = structlog.get_logger('inventree') logger = structlog.get_logger('inventree')
@@ -69,21 +68,6 @@ def provider_display_name(provider):
return provider.name return provider.name
def sso_login_enabled() -> bool:
"""Return True if SSO login is enabled."""
return str2bool(get_global_setting('LOGIN_ENABLE_SSO'))
def sso_registration_enabled() -> bool:
"""Return True if SSO registration is enabled."""
return str2bool(get_global_setting('LOGIN_ENABLE_SSO_REG'))
def auto_registration_enabled() -> bool:
"""Return True if SSO auto-registration is enabled."""
return str2bool(get_global_setting('LOGIN_SIGNUP_SSO_AUTO'))
def ensure_sso_groups(sender, sociallogin: SocialLogin, **kwargs): def ensure_sso_groups(sender, sociallogin: SocialLogin, **kwargs):
"""Sync groups from IdP each time a SSO user logs on. """Sync groups from IdP each time a SSO user logs on.