core: fix token identifier not being slugified when created with user-controller input
closes #1390 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
parent
b5c857aff4
commit
3f84abec2f
|
@ -8,6 +8,7 @@ from django.db.transaction import atomic
|
||||||
from django.db.utils import IntegrityError
|
from django.db.utils import IntegrityError
|
||||||
from django.urls import reverse_lazy
|
from django.urls import reverse_lazy
|
||||||
from django.utils.http import urlencode
|
from django.utils.http import urlencode
|
||||||
|
from django.utils.text import slugify
|
||||||
from django.utils.timezone import now
|
from django.utils.timezone import now
|
||||||
from django.utils.translation import gettext as _
|
from django.utils.translation import gettext as _
|
||||||
from django_filters.filters import BooleanFilter, CharFilter, ModelMultipleChoiceFilter
|
from django_filters.filters import BooleanFilter, CharFilter, ModelMultipleChoiceFilter
|
||||||
|
@ -273,7 +274,7 @@ class UserViewSet(UsedByMixin, ModelViewSet):
|
||||||
)
|
)
|
||||||
group.users.add(user)
|
group.users.add(user)
|
||||||
token = Token.objects.create(
|
token = Token.objects.create(
|
||||||
identifier=f"service-account-{username}-password",
|
identifier=slugify(f"service-account-{username}-password"),
|
||||||
intent=TokenIntents.INTENT_APP_PASSWORD,
|
intent=TokenIntents.INTENT_APP_PASSWORD,
|
||||||
user=user,
|
user=user,
|
||||||
expires=now() + timedelta(days=360),
|
expires=now() + timedelta(days=360),
|
||||||
|
|
|
@ -4,6 +4,7 @@ from getpass import getuser
|
||||||
|
|
||||||
from django.core.management.base import BaseCommand
|
from django.core.management.base import BaseCommand
|
||||||
from django.urls import reverse
|
from django.urls import reverse
|
||||||
|
from django.utils.text import slugify
|
||||||
from django.utils.timezone import now
|
from django.utils.timezone import now
|
||||||
from django.utils.translation import gettext as _
|
from django.utils.translation import gettext as _
|
||||||
from structlog.stdlib import get_logger
|
from structlog.stdlib import get_logger
|
||||||
|
@ -42,7 +43,7 @@ class Command(BaseCommand):
|
||||||
user=user,
|
user=user,
|
||||||
intent=TokenIntents.INTENT_RECOVERY,
|
intent=TokenIntents.INTENT_RECOVERY,
|
||||||
description=f"Recovery Token generated by {getuser()} on {_now}",
|
description=f"Recovery Token generated by {getuser()} on {_now}",
|
||||||
identifier=f"ak-recovery-{user}-{_now}",
|
identifier=slugify(f"ak-recovery-{user}-{_now}"),
|
||||||
)
|
)
|
||||||
self.stdout.write(
|
self.stdout.write(
|
||||||
(f"Store this link safely, as it will allow" f" anyone to access authentik as {user}.")
|
(f"Store this link safely, as it will allow" f" anyone to access authentik as {user}.")
|
||||||
|
|
Reference in a new issue