trustchain-oc1-orchestral
/
authentik
Archived
10
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

stages/email: use different query arguments for email and invitation tokens 

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
Jens Langhammer 2021-09-20 19:55:53 +02:00
parent 180d27cc37
commit 4c29d517f0
4 changed files with 11 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
authentik/stages/email/stage.py
View File

@ -22,7 +22,7 @@ from authentik.stages.email.tasks import send_mails
from authentik.stages.email.utils import TemplateEmailMessage from authentik.stages.email.utils import TemplateEmailMessage
LOGGER = get_logger() LOGGER = get_logger()
QS_KEY_TOKEN = "token" # nosec QS_KEY_TOKEN = "etoken" # nosec
PLAN_CONTEXT_EMAIL_SENT = "email_sent" PLAN_CONTEXT_EMAIL_SENT = "email_sent"

11
authentik/stages/invitation/stage.py
View File

@ -15,7 +15,8 @@ from authentik.stages.invitation.signals import invitation_used
from authentik.stages.prompt.stage import PLAN_CONTEXT_PROMPT from authentik.stages.prompt.stage import PLAN_CONTEXT_PROMPT
LOGGER = get_logger() LOGGER = get_logger()
INVITATION_TOKEN_KEY = "token" # nosec INVITATION_TOKEN_KEY_CONTEXT = "token" # nosec
INVITATION_TOKEN_KEY = "itoken" # nosec
INVITATION_IN_EFFECT = "invitation_in_effect" INVITATION_IN_EFFECT = "invitation_in_effect"
INVITATION = "invitation" INVITATION = "invitation"
@ -29,10 +30,14 @@ class InvitationStageView(StageView):
def get_token(self) -> Optional[str]: def get_token(self) -> Optional[str]:
"""Get token from saved get-arguments or prompt_data""" """Get token from saved get-arguments or prompt_data"""
# Check for ?token= and ?itoken=
if INVITATION_TOKEN_KEY in self.request.session.get(SESSION_KEY_GET, {}): if INVITATION_TOKEN_KEY in self.request.session.get(SESSION_KEY_GET, {}):
return self.request.session[SESSION_KEY_GET][INVITATION_TOKEN_KEY] return self.request.session[SESSION_KEY_GET][INVITATION_TOKEN_KEY]
if INVITATION_TOKEN_KEY in self.executor.plan.context.get(PLAN_CONTEXT_PROMPT, {}): if INVITATION_TOKEN_KEY_CONTEXT in self.request.session.get(SESSION_KEY_GET, {}):
return self.executor.plan.context[PLAN_CONTEXT_PROMPT][INVITATION_TOKEN_KEY] return self.request.session[SESSION_KEY_GET][INVITATION_TOKEN_KEY_CONTEXT]
# Check for {'token': ''} in the context
if INVITATION_TOKEN_KEY_CONTEXT in self.executor.plan.context.get(PLAN_CONTEXT_PROMPT, {}):
return self.executor.plan.context[PLAN_CONTEXT_PROMPT][INVITATION_TOKEN_KEY_CONTEXT]
return None return None
def get(self, request: HttpRequest) -> HttpResponse: def get(self, request: HttpRequest) -> HttpResponse:

2
web/src/pages/stages/invitation/InvitationListLink.ts
View File

@ -23,7 +23,7 @@ export class InvitationListLink extends LitElement {
} }
renderLink(): string { renderLink(): string {
return `${window.location.protocol}//${window.location.host}/if/flow/${this.selectedFlow}/?token=${this.invitation}`; return `${window.location.protocol}//${window.location.host}/if/flow/${this.selectedFlow}/?itoken=${this.invitation}`;
} }
render(): TemplateResult { render(): TemplateResult {

2
website/docs/flow/stages/invitation/index.md
View File

@ -8,6 +8,6 @@ If the option `Continue Flow without Invitation` is enabled, this stage will con
To check if a user has used an invitation within a policy, you can check `request.context.invitation_in_effect`. To check if a user has used an invitation within a policy, you can check `request.context.invitation_in_effect`.
To use an invitation, use the URL `https://authentik.tld/if/flow/your-enrollment-flow/?token=invitation-token`. To use an invitation, use the URL `https://authentik.tld/if/flow/your-enrollment-flow/?itoken=invitation-token`.
You can also prompt the user for an invite by using the [*Prompt stage*](../prompt/index.md) by using a field with a field key of `token`. You can also prompt the user for an invite by using the [*Prompt stage*](../prompt/index.md) by using a field with a field key of `token`.