DGNum/dgsi
14
0
Fork 0
Code Issues 7 Pull requests 1 Projects Releases Packages Wiki Activity

feat(account): Prevent connections from some categories of users

Browse source
This commit is contained in:
Tom Hubrecht 2024-09-18 23:00:36 +02:00
parent c3f0e70384
commit 5af8e2fd24
Signed by: thubrecht
SSH key fingerprint: SHA256:r+nK/SIcWlJ0zFZJGHtlAoRwq1Rm+WcKAm5ADYMoQPc
1 changed files with 12 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
src/shared/account.py
View file

@ -1,5 +1,7 @@
from allauth.core.exceptions import ImmediateHttpResponse
from allauth.socialaccount.adapter import DefaultSocialAccountAdapter from allauth.socialaccount.adapter import DefaultSocialAccountAdapter
from allauth.socialaccount.models import SocialLogin from allauth.socialaccount.models import SocialLogin
from django.http import HttpResponseRedirect
from dgsi.models import User from dgsi.models import User
@ -15,6 +17,16 @@ class SharedAccountAdapter(DefaultSocialAccountAdapter):
case "ens_cas": case "ens_cas":
# In this case, the username is located in extra_data["uid"] # In this case, the username is located in extra_data["uid"]
username = sociallogin.account.extra_data["uid"] username = sociallogin.account.extra_data["uid"]
# Validate that the user is a regular one
home = sociallogin.account.extra_data["homeDirectory"].split("/")
if (home[1] != "users") or (
home[2]
in ["absint", "algo", "grecc", "guests", "spi", "spi1", "staffs"]
):
raise ImmediateHttpResponse(HttpResponseRedirect("/"))
case "kanidm": case "kanidm":
username = sociallogin.account.extra_data["preferred_username"] username = sociallogin.account.extra_data["preferred_username"]
case _p: case _p: