stages/authenticator_validate: create a default authenticator validate stage with sensible defaults
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
Jens Langhammer
parent
8040e2b6e4
commit
0225bf9c99
|
|
@ -0,0 +1,57 @@
|
||||||
|
# Generated by Django 3.0.3 on 2020-05-08 14:30
|
||||||
|
|
||||||
|
from django.apps.registry import Apps
|
||||||
|
from django.db import migrations
|
||||||
|
from django.db.backends.base.schema import BaseDatabaseSchemaEditor
|
||||||
|
|
||||||
|
from authentik.stages.authenticator_validate.models import default_device_classes
|
||||||
|
|
||||||
|
|
||||||
|
def create_default_validate_stage(apps: Apps, schema_editor: BaseDatabaseSchemaEditor):
|
||||||
|
Flow = apps.get_model("authentik_flows", "Flow")
|
||||||
|
FlowStageBinding = apps.get_model("authentik_flows", "FlowStageBinding")
|
||||||
|
AuthenticatorValidateStage = apps.get_model(
|
||||||
|
"authentik_stages_authenticator_validate", "AuthenticatorValidateStage"
|
||||||
|
)
|
||||||
|
|
||||||
|
db_alias = schema_editor.connection.alias
|
||||||
|
|
||||||
|
auth_flows = Flow.objects.using(db_alias).filter(slug="default-authentication-flow")
|
||||||
|
if not auth_flows.exists():
|
||||||
|
return
|
||||||
|
|
||||||
|
# If there's already a validation stage in the flow, skip
|
||||||
|
if (
|
||||||
|
AuthenticatorValidateStage.objects.using(db_alias)
|
||||||
|
.filter(flow__slug="default-authentication-flow")
|
||||||
|
.exists()
|
||||||
|
):
|
||||||
|
return
|
||||||
|
|
||||||
|
validate_stage, _ = AuthenticatorValidateStage.objects.using(db_alias).update_or_create(
|
||||||
|
name="default-authentication-mfa-validation",
|
||||||
|
defaults={
|
||||||
|
"device_classes": default_device_classes,
|
||||||
|
},
|
||||||
|
)
|
||||||
|
|
||||||
|
FlowStageBinding.objects.using(db_alias).update_or_create(
|
||||||
|
target=auth_flows.first(),
|
||||||
|
stage=validate_stage,
|
||||||
|
defaults={
|
||||||
|
"order": 30,
|
||||||
|
},
|
||||||
|
)
|
||||||
|
|
||||||
|
|
||||||
|
class Migration(migrations.Migration):
|
||||||
|
|
||||||
|
dependencies = [
|
||||||
|
("authentik_flows", "0008_default_flows"),
|
||||||
|
(
|
||||||
|
"authentik_stages_authenticator_validate",
|
||||||
|
"0008_alter_authenticatorvalidatestage_device_classes",
|
||||||
|
),
|
||||||
|
]
|
||||||
|
|
||||||
|
operations = [migrations.RunPython(create_default_validate_stage)]
|
||||||
Reference in New Issue