remove deprecated login endpoints
@@ -135,93 +135,6 @@ class LoginViewV2(KnoxLoginView):
|
|||||||
return notify_error("Bad credentials")
|
return notify_error("Bad credentials")
|
||||||
|
|
||||||
|
|
||||||
class CheckCreds(KnoxLoginView):
|
|
||||||
# TODO
|
|
||||||
# This view is deprecated as of 0.19.0
|
|
||||||
# Needed for the initial update to 0.19.0 so frontend code doesn't break on login
|
|
||||||
permission_classes = (AllowAny,)
|
|
||||||
|
|
||||||
def post(self, request, format=None):
|
|
||||||
# check credentials
|
|
||||||
serializer = AuthTokenSerializer(data=request.data)
|
|
||||||
if not serializer.is_valid():
|
|
||||||
AuditLog.audit_user_failed_login(
|
|
||||||
request.data["username"], debug_info={"ip": request._client_ip}
|
|
||||||
)
|
|
||||||
return notify_error("Bad credentials")
|
|
||||||
|
|
||||||
user = serializer.validated_data["user"]
|
|
||||||
|
|
||||||
if user.block_dashboard_login or user.is_sso_user:
|
|
||||||
return notify_error("Bad credentials")
|
|
||||||
|
|
||||||
# block local logon if configured
|
|
||||||
core_settings = get_core_settings()
|
|
||||||
if not user.is_superuser and core_settings.block_local_user_logon:
|
|
||||||
return notify_error("Bad credentials")
|
|
||||||
|
|
||||||
# if totp token not set modify response to notify frontend
|
|
||||||
if not user.totp_key:
|
|
||||||
login(request, user)
|
|
||||||
response = super(CheckCreds, self).post(request, format=None)
|
|
||||||
response.data["totp"] = "totp not set"
|
|
||||||
return response
|
|
||||||
|
|
||||||
return Response("ok")
|
|
||||||
|
|
||||||
|
|
||||||
class LoginView(KnoxLoginView):
|
|
||||||
# TODO
|
|
||||||
# This view is deprecated as of 0.19.0
|
|
||||||
# Needed for the initial update to 0.19.0 so frontend code doesn't break on login
|
|
||||||
permission_classes = (AllowAny,)
|
|
||||||
|
|
||||||
def post(self, request, format=None):
|
|
||||||
valid = False
|
|
||||||
|
|
||||||
serializer = AuthTokenSerializer(data=request.data)
|
|
||||||
serializer.is_valid(raise_exception=True)
|
|
||||||
user = serializer.validated_data["user"]
|
|
||||||
|
|
||||||
if user.block_dashboard_login or user.is_sso_user:
|
|
||||||
return notify_error("Bad credentials")
|
|
||||||
|
|
||||||
# block local logon if configured
|
|
||||||
core_settings = get_core_settings()
|
|
||||||
if not user.is_superuser and core_settings.block_local_user_logon:
|
|
||||||
return notify_error("Bad credentials")
|
|
||||||
|
|
||||||
token = request.data["twofactor"]
|
|
||||||
totp = pyotp.TOTP(user.totp_key)
|
|
||||||
|
|
||||||
if settings.DEBUG and token == "sekret":
|
|
||||||
valid = True
|
|
||||||
elif getattr(settings, "DEMO", False):
|
|
||||||
valid = True
|
|
||||||
elif totp.verify(token, valid_window=10):
|
|
||||||
valid = True
|
|
||||||
|
|
||||||
if valid:
|
|
||||||
login(request, user)
|
|
||||||
|
|
||||||
# save ip information
|
|
||||||
ipw = IpWare()
|
|
||||||
client_ip, _ = ipw.get_client_ip(request.META)
|
|
||||||
if client_ip:
|
|
||||||
user.last_login_ip = str(client_ip)
|
|
||||||
user.save()
|
|
||||||
|
|
||||||
AuditLog.audit_user_login_successful(
|
|
||||||
request.data["username"], debug_info={"ip": request._client_ip}
|
|
||||||
)
|
|
||||||
return super(LoginView, self).post(request, format=None)
|
|
||||||
else:
|
|
||||||
AuditLog.audit_user_failed_twofactor(
|
|
||||||
request.data["username"], debug_info={"ip": request._client_ip}
|
|
||||||
)
|
|
||||||
return notify_error("Bad credentials")
|
|
||||||
|
|
||||||
|
|
||||||
class GetDeleteActiveLoginSessionsPerUser(APIView):
|
class GetDeleteActiveLoginSessionsPerUser(APIView):
|
||||||
permission_classes = [IsAuthenticated, AccountsPerms]
|
permission_classes = [IsAuthenticated, AccountsPerms]
|
||||||
|
|
||||||
|
@@ -2,7 +2,7 @@ from django.conf import settings
|
|||||||
from django.urls import include, path, register_converter
|
from django.urls import include, path, register_converter
|
||||||
from knox import views as knox_views
|
from knox import views as knox_views
|
||||||
|
|
||||||
from accounts.views import CheckCreds, CheckCredsV2, LoginView, LoginViewV2
|
from accounts.views import CheckCredsV2, LoginViewV2
|
||||||
from ee.sso.urls import allauth_urls
|
from ee.sso.urls import allauth_urls
|
||||||
|
|
||||||
# from agents.consumers import SendCMD
|
# from agents.consumers import SendCMD
|
||||||
@@ -28,8 +28,6 @@ urlpatterns = [
|
|||||||
path("_allauth/", include(allauth_urls)),
|
path("_allauth/", include(allauth_urls)),
|
||||||
path("v2/checkcreds/", CheckCredsV2.as_view()),
|
path("v2/checkcreds/", CheckCredsV2.as_view()),
|
||||||
path("v2/login/", LoginViewV2.as_view()),
|
path("v2/login/", LoginViewV2.as_view()),
|
||||||
path("checkcreds/", CheckCreds.as_view()), # DEPRECATED AS OF 0.19.0
|
|
||||||
path("login/", LoginView.as_view()), # DEPRECATED AS OF 0.19.0
|
|
||||||
path("logout/", knox_views.LogoutView.as_view()),
|
path("logout/", knox_views.LogoutView.as_view()),
|
||||||
path("logoutall/", knox_views.LogoutAllView.as_view()),
|
path("logoutall/", knox_views.LogoutAllView.as_view()),
|
||||||
path("api/v3/", include("apiv3.urls")),
|
path("api/v3/", include("apiv3.urls")),
|
||||||
|