core: add support for custom urls for avatars
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
parent
cea1289186
commit
c6ede78fba
|
@ -143,21 +143,25 @@ class User(GuardianUserMixin, AbstractUser):
|
||||||
@property
|
@property
|
||||||
def avatar(self) -> str:
|
def avatar(self) -> str:
|
||||||
"""Get avatar, depending on authentik.avatar setting"""
|
"""Get avatar, depending on authentik.avatar setting"""
|
||||||
mode = CONFIG.raw.get("authentik").get("avatars")
|
mode: str = CONFIG.y("avatars", "none")
|
||||||
if mode == "none":
|
if mode == "none":
|
||||||
return DEFAULT_AVATAR
|
return DEFAULT_AVATAR
|
||||||
|
# gravatar uses md5 for their URLs, so md5 can't be avoided
|
||||||
|
mail_hash = md5(self.email.encode("utf-8")).hexdigest() # nosec
|
||||||
if mode == "gravatar":
|
if mode == "gravatar":
|
||||||
parameters = [
|
parameters = [
|
||||||
("s", "158"),
|
("s", "158"),
|
||||||
("r", "g"),
|
("r", "g"),
|
||||||
]
|
]
|
||||||
# gravatar uses md5 for their URLs, so md5 can't be avoided
|
|
||||||
mail_hash = md5(self.email.encode("utf-8")).hexdigest() # nosec
|
|
||||||
gravatar_url = (
|
gravatar_url = (
|
||||||
f"{GRAVATAR_URL}/avatar/{mail_hash}?{urlencode(parameters, doseq=True)}"
|
f"{GRAVATAR_URL}/avatar/{mail_hash}?{urlencode(parameters, doseq=True)}"
|
||||||
)
|
)
|
||||||
return escape(gravatar_url)
|
return escape(gravatar_url)
|
||||||
raise ValueError(f"Invalid avatar mode {mode}")
|
return mode % {
|
||||||
|
"username": self.username,
|
||||||
|
"mail_hash": mail_hash,
|
||||||
|
"upn": self.attributes.get("upn", ""),
|
||||||
|
}
|
||||||
|
|
||||||
class Meta:
|
class Meta:
|
||||||
|
|
||||||
|
|
|
@ -50,12 +50,12 @@ outposts:
|
||||||
# %(build_hash)s: Build hash if you're running a beta version
|
# %(build_hash)s: Build hash if you're running a beta version
|
||||||
docker_image_base: "ghcr.io/goauthentik/%(type)s:%(version)s"
|
docker_image_base: "ghcr.io/goauthentik/%(type)s:%(version)s"
|
||||||
|
|
||||||
authentik:
|
avatars: env://AUTHENTIK_AUTHENTIK__AVATARS?gravatar
|
||||||
avatars: gravatar # gravatar or none
|
geoip: "./GeoLite2-City.mmdb"
|
||||||
geoip: "./GeoLite2-City.mmdb"
|
|
||||||
# Optionally add links to the footer on the login page
|
# Can't currently be configured via environment variables, only yaml
|
||||||
footer_links:
|
footer_links:
|
||||||
- name: Documentation
|
- name: Documentation
|
||||||
href: https://goauthentik.io/docs/
|
href: https://goauthentik.io/docs/
|
||||||
- name: authentik Website
|
- name: authentik Website
|
||||||
href: https://goauthentik.io/
|
href: https://goauthentik.io/
|
||||||
|
|
|
@ -104,8 +104,16 @@ Defaults to `info`.
|
||||||
|
|
||||||
Placeholder for outpost docker images. Default: `ghcr.io/goauthentik/%(type)s:%(version)s`.
|
Placeholder for outpost docker images. Default: `ghcr.io/goauthentik/%(type)s:%(version)s`.
|
||||||
|
|
||||||
### AUTHENTIK_AUTHENTIK
|
### AUTHENTIK_AVATARS
|
||||||
|
|
||||||
- `AUTHENTIK_AUTHENTIK__AVATARS`
|
Configure how authentik should show avatars for users. Following values can be set:
|
||||||
|
|
||||||
Controls which avatars are shown. Defaults to `gravatar`. Can be set to `none` to disable avatars.
|
- `none`: Disables per-user avatars and just shows a 1x1 pixel transparent picture
|
||||||
|
- `gravatar`: Uses gravatar with the user's email address
|
||||||
|
- Any URL: If you want to use images hosted on another server, you can set any URL.
|
||||||
|
|
||||||
|
Additionally, these placeholders can be used:
|
||||||
|
|
||||||
|
- `%(username)s`: The user's username
|
||||||
|
- `%(mail_hash)s`: The email address, md5 hashed
|
||||||
|
- `%(upn)s`: The user's UPN, if set (otherwise an empty string)
|
||||||
|
|
Reference in New Issue