authentik/passbook/policies/expiry/models.py

"""passbook password_expiry_policy Models"""
from datetime import timedelta
from typing import Type

from django.db import models
from django.forms import ModelForm
from django.utils.timezone import now
from django.utils.translation import gettext as _
from structlog import get_logger

from passbook.policies.models import Policy
from passbook.policies.types import PolicyRequest, PolicyResult

LOGGER = get_logger()


class PasswordExpiryPolicy(Policy):
    """If password change date is more than x days in the past, invalidate the user's password
    and show a notice"""

    deny_only = models.BooleanField(default=False)
    days = models.IntegerField()

    def form(self) -> Type[ModelForm]:
        from passbook.policies.expiry.forms import PasswordExpiryPolicyForm

        return PasswordExpiryPolicyForm

    def passes(self, request: PolicyRequest) -> PolicyResult:
        """If password change date is more than x days in the past, call set_unusable_password
        and show a notice"""
        actual_days = (now() - request.user.password_change_date).days
        days_since_expiry = (
            now() - (request.user.password_change_date + timedelta(days=self.days))
        ).days
        if actual_days >= self.days:
            if not self.deny_only:
                request.user.set_unusable_password()
                request.user.save()
                message = _(
                    (
                        "Password expired %(days)d days ago. "
                        "Please update your password."
                    )
                    % {"days": days_since_expiry}
                )
                return PolicyResult(False, message)
            return PolicyResult(False, _("Password has expired."))
        return PolicyResult(True)

    class Meta:

        verbose_name = _("Password Expiry Policy")
        verbose_name_plural = _("Password Expiry Policies")
add password policy 2019-03-03 16:12:05 +00:00			`"""passbook password_expiry_policy Models"""`
			`from datetime import timedelta`
Squashed commit of the following: commit 88029a43355d73011b9fd078231fd932cfa1e2a6 Author: Jens Langhammer <jens.langhammer@beryju.org> Date: Mon Jul 20 16:55:55 2020 +0200 admin: update to work with new form commit 4040eb9619a9beb8ae6bc93f49c0170e4f198f15 Author: Jens Langhammer <jens.langhammer@beryju.org> Date: Mon Jul 20 16:43:30 2020 +0200 : remove path-based import from all PropertyMappings commit c9663a08dade5b14fcc9a1ddb68637ccc2da8dc9 Author: Jens Langhammer <jens.langhammer@beryju.org> Date: Mon Jul 20 16:33:34 2020 +0200 flows: update work with new stages commit a3d92ebc0a9744efbe3f3940d83e357fad0c63d5 Author: Jens Langhammer <jens.langhammer@beryju.org> Date: Mon Jul 20 16:23:30 2020 +0200 stages/: remove path-based import from all stages commit 6fa825e372942dbc9f3733ffdac888d44f862ec5 Author: Jens Langhammer <jens.langhammer@beryju.org> Date: Mon Jul 20 16:03:55 2020 +0200 providers/: remove path-based import from all providers commit 6aefd072c881870948f746992803a181eb65d1e1 Author: Jens Langhammer <jens.langhammer@beryju.org> Date: Mon Jul 20 15:58:48 2020 +0200 policies/: remove path-based import from all policies commit ac2dd3611fd70c880c2ce356651aee54c11014cf Author: Jens Langhammer <jens.langhammer@beryju.org> Date: Mon Jul 20 15:11:27 2020 +0200 sources/*: remove path-based import from all sources commit 74e628ce9c4f3359e34b17eae922b76e47bc1a37 Author: Jens Langhammer <jens.langhammer@beryju.org> Date: Mon Jul 20 14:43:38 2020 +0200 ui: allow overriding of verbose_name commit d4ee18ee32491c4b41090120b72986de3c7e5222 Author: Jens Langhammer <jens.langhammer@beryju.org> Date: Mon Jul 20 14:08:27 2020 +0200 sources/oauth: migrate from discordapp.com to discord.com 2020-07-20 16:17:14 +00:00			`from typing import Type`
add password policy 2019-03-03 16:12:05 +00:00
			`from django.db import models`
Squashed commit of the following: commit 88029a43355d73011b9fd078231fd932cfa1e2a6 Author: Jens Langhammer <jens.langhammer@beryju.org> Date: Mon Jul 20 16:55:55 2020 +0200 admin: update to work with new form commit 4040eb9619a9beb8ae6bc93f49c0170e4f198f15 Author: Jens Langhammer <jens.langhammer@beryju.org> Date: Mon Jul 20 16:43:30 2020 +0200 : remove path-based import from all PropertyMappings commit c9663a08dade5b14fcc9a1ddb68637ccc2da8dc9 Author: Jens Langhammer <jens.langhammer@beryju.org> Date: Mon Jul 20 16:33:34 2020 +0200 flows: update work with new stages commit a3d92ebc0a9744efbe3f3940d83e357fad0c63d5 Author: Jens Langhammer <jens.langhammer@beryju.org> Date: Mon Jul 20 16:23:30 2020 +0200 stages/: remove path-based import from all stages commit 6fa825e372942dbc9f3733ffdac888d44f862ec5 Author: Jens Langhammer <jens.langhammer@beryju.org> Date: Mon Jul 20 16:03:55 2020 +0200 providers/: remove path-based import from all providers commit 6aefd072c881870948f746992803a181eb65d1e1 Author: Jens Langhammer <jens.langhammer@beryju.org> Date: Mon Jul 20 15:58:48 2020 +0200 policies/: remove path-based import from all policies commit ac2dd3611fd70c880c2ce356651aee54c11014cf Author: Jens Langhammer <jens.langhammer@beryju.org> Date: Mon Jul 20 15:11:27 2020 +0200 sources/*: remove path-based import from all sources commit 74e628ce9c4f3359e34b17eae922b76e47bc1a37 Author: Jens Langhammer <jens.langhammer@beryju.org> Date: Mon Jul 20 14:43:38 2020 +0200 ui: allow overriding of verbose_name commit d4ee18ee32491c4b41090120b72986de3c7e5222 Author: Jens Langhammer <jens.langhammer@beryju.org> Date: Mon Jul 20 14:08:27 2020 +0200 sources/oauth: migrate from discordapp.com to discord.com 2020-07-20 16:17:14 +00:00			`from django.forms import ModelForm`
add password policy 2019-03-03 16:12:05 +00:00			`from django.utils.timezone import now`
			`from django.utils.translation import gettext as _`
*(minor): stdlib logging to structlog 2019-10-01 08:24:10 +00:00			`from structlog import get_logger`
add password policy 2019-03-03 16:12:05 +00:00
*: migrate from PolicyModel to PolicyBindingModel, move Policy to passbook_policies 2020-05-16 16:07:00 +00:00			`from passbook.policies.models import Policy`
policies: struct -> types to match core 2020-02-20 12:52:05 +00:00			`from passbook.policies.types import PolicyRequest, PolicyResult`
add password policy 2019-03-03 16:12:05 +00:00
*(minor): remove __name__ param from get_logger 2019-10-04 08:08:53 +00:00			`LOGGER = get_logger()`
add password policy 2019-03-03 16:12:05 +00:00

			`class PasswordExpiryPolicy(Policy):`
admin: show object's docstring on inheritance based lists 2020-05-20 11:47:58 +00:00			`"""If password change date is more than x days in the past, invalidate the user's password`
add password policy 2019-03-03 16:12:05 +00:00			`and show a notice"""`

			`deny_only = models.BooleanField(default=False)`
			`days = models.IntegerField()`

Squashed commit of the following: commit 88029a43355d73011b9fd078231fd932cfa1e2a6 Author: Jens Langhammer <jens.langhammer@beryju.org> Date: Mon Jul 20 16:55:55 2020 +0200 admin: update to work with new form commit 4040eb9619a9beb8ae6bc93f49c0170e4f198f15 Author: Jens Langhammer <jens.langhammer@beryju.org> Date: Mon Jul 20 16:43:30 2020 +0200 : remove path-based import from all PropertyMappings commit c9663a08dade5b14fcc9a1ddb68637ccc2da8dc9 Author: Jens Langhammer <jens.langhammer@beryju.org> Date: Mon Jul 20 16:33:34 2020 +0200 flows: update work with new stages commit a3d92ebc0a9744efbe3f3940d83e357fad0c63d5 Author: Jens Langhammer <jens.langhammer@beryju.org> Date: Mon Jul 20 16:23:30 2020 +0200 stages/: remove path-based import from all stages commit 6fa825e372942dbc9f3733ffdac888d44f862ec5 Author: Jens Langhammer <jens.langhammer@beryju.org> Date: Mon Jul 20 16:03:55 2020 +0200 providers/: remove path-based import from all providers commit 6aefd072c881870948f746992803a181eb65d1e1 Author: Jens Langhammer <jens.langhammer@beryju.org> Date: Mon Jul 20 15:58:48 2020 +0200 policies/: remove path-based import from all policies commit ac2dd3611fd70c880c2ce356651aee54c11014cf Author: Jens Langhammer <jens.langhammer@beryju.org> Date: Mon Jul 20 15:11:27 2020 +0200 sources/*: remove path-based import from all sources commit 74e628ce9c4f3359e34b17eae922b76e47bc1a37 Author: Jens Langhammer <jens.langhammer@beryju.org> Date: Mon Jul 20 14:43:38 2020 +0200 ui: allow overriding of verbose_name commit d4ee18ee32491c4b41090120b72986de3c7e5222 Author: Jens Langhammer <jens.langhammer@beryju.org> Date: Mon Jul 20 14:08:27 2020 +0200 sources/oauth: migrate from discordapp.com to discord.com 2020-07-20 16:17:14 +00:00			`def form(self) -> Type[ModelForm]:`
			`from passbook.policies.expiry.forms import PasswordExpiryPolicyForm`

			`return PasswordExpiryPolicyForm`
add password policy 2019-03-03 16:12:05 +00:00
policy(minor): add data class for policy request 2019-10-03 08:45:31 +00:00			`def passes(self, request: PolicyRequest) -> PolicyResult:`
add password policy 2019-03-03 16:12:05 +00:00			`"""If password change date is more than x days in the past, call set_unusable_password`
			`and show a notice"""`
policy(minor): add data class for policy request 2019-10-03 08:45:31 +00:00			`actual_days = (now() - request.user.password_change_date).days`
all: implement black as code formatter 2019-12-31 11:51:16 +00:00			`days_since_expiry = (`
			`now() - (request.user.password_change_date + timedelta(days=self.days))`
			`).days`
add password policy 2019-03-03 16:12:05 +00:00			`if actual_days >= self.days:`
			`if not self.deny_only:`
policy(minor): add data class for policy request 2019-10-03 08:45:31 +00:00			`request.user.set_unusable_password()`
			`request.user.save()`
all: implement black as code formatter 2019-12-31 11:51:16 +00:00			`message = _(`
			`(`
			`"Password expired %(days)d days ago. "`
			`"Please update your password."`
			`)`
			`% {"days": days_since_expiry}`
			`)`
policy(minor): Move policy-related code to separate package 2019-10-01 08:17:39 +00:00			`return PolicyResult(False, message)`
all: implement black as code formatter 2019-12-31 11:51:16 +00:00			`return PolicyResult(False, _("Password has expired."))`
policy(minor): Move policy-related code to separate package 2019-10-01 08:17:39 +00:00			`return PolicyResult(True)`
add password policy 2019-03-03 16:12:05 +00:00
			`class Meta:`

all: implement black as code formatter 2019-12-31 11:51:16 +00:00			`verbose_name = _("Password Expiry Policy")`
			`verbose_name_plural = _("Password Expiry Policies")`