blueprints: fix policy exception causing password stage to be skipped after upgrade (#6674)
* blueprints: fix policy exception causing password stage to be skipped after upgrade * make policy more fault tolerant Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>
This commit is contained in:
parent
e1a49e1f4e
commit
1ffb7efed6
|
@ -51,6 +51,8 @@ entries:
|
||||||
order: 20
|
order: 20
|
||||||
stage: !KeyOf default-authentication-password
|
stage: !KeyOf default-authentication-password
|
||||||
target: !KeyOf flow
|
target: !KeyOf flow
|
||||||
|
attrs:
|
||||||
|
re_evaluate_policies: true
|
||||||
id: default-authentication-flow-password-binding
|
id: default-authentication-flow-password-binding
|
||||||
model: authentik_flows.flowstagebinding
|
model: authentik_flows.flowstagebinding
|
||||||
- identifiers:
|
- identifiers:
|
||||||
|
@ -69,10 +71,12 @@ entries:
|
||||||
name: default-authentication-flow-password-stage
|
name: default-authentication-flow-password-stage
|
||||||
attrs:
|
attrs:
|
||||||
expression: |
|
expression: |
|
||||||
flow_plan = request.context["flow_plan"]
|
flow_plan = request.context.get("flow_plan")
|
||||||
|
if not flow_plan:
|
||||||
|
return True
|
||||||
# If the user does not have a backend attached to it, they haven't
|
# If the user does not have a backend attached to it, they haven't
|
||||||
# been authenticated yet and we need the password stage
|
# been authenticated yet and we need the password stage
|
||||||
return not hasattr(flow_plan.context["pending_user"], "backend")
|
return not hasattr(flow_plan.context.get("pending_user"), "backend")
|
||||||
- model: authentik_policies.policybinding
|
- model: authentik_policies.policybinding
|
||||||
identifiers:
|
identifiers:
|
||||||
order: 10
|
order: 10
|
||||||
|
|
Reference in a new issue