Allauth settings update (#6830)

* Allauth settings updates:

- Ref: https://docs.allauth.org/en/latest/account/rate_limits.html
- Auto-detect protocol if SITE_URL is provided
- Update rate limit setting definition
- Removed "deprecation warning" in logs

* Update docs

* Adjust default value for login attempt rate limit

Ref: https://docs.allauth.org/en/latest/account/rate_limits.html#rate-limits

* Fix format
Oliver 2024-03-24 16:18:53 +11:00 committed by GitHub
parent 2ab94141ea
commit a18a7af881
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 28 additions and 5 deletions


@ -1130,12 +1130,32 @@ SOCIALACCOUNT_OPENID_CONNECT_URL_PREFIX = ''
ACCOUNT_EMAIL_CONFIRMATION_EXPIRE_DAYS = get_setting(
'INVENTREE_LOGIN_CONFIRM_DAYS', 'login_confirm_days', 3, typecast=int
)
ACCOUNT_LOGIN_ATTEMPTS_LIMIT = get_setting(
'INVENTREE_LOGIN_ATTEMPTS', 'login_attempts', 5, typecast=int
)
# allauth rate limiting: https://docs.allauth.org/en/latest/account/rate_limits.html
# The default login rate limit is "5/m/user,5/m/ip,5/m/key"
login_attempts = get_setting('INVENTREE_LOGIN_ATTEMPTS', 'login_attempts', 5)
try:
login_attempts = int(login_attempts)
login_attempts = f'{login_attempts}/m/ip,{login_attempts}/m/key'
except ValueError:
pass
ACCOUNT_RATE_LIMITS = {'login_failed': login_attempts}
# Default protocol for login
ACCOUNT_DEFAULT_HTTP_PROTOCOL = get_setting(
'INVENTREE_LOGIN_DEFAULT_HTTP_PROTOCOL', 'login_default_protocol', 'http'
'INVENTREE_LOGIN_DEFAULT_HTTP_PROTOCOL', 'login_default_protocol', None
)
if ACCOUNT_DEFAULT_HTTP_PROTOCOL is None:
if SITE_URL and SITE_URL.startswith('https://'):
# auto-detect HTTPS prtoocol
ACCOUNT_DEFAULT_HTTP_PROTOCOL = 'https'
else:
# default to http
ACCOUNT_DEFAULT_HTTP_PROTOCOL = 'http'
ACCOUNT_LOGOUT_ON_PASSWORD_CHANGE = True
ACCOUNT_PREVENT_ENUMERATION = True
ACCOUNT_EMAIL_SUBJECT_PREFIX = EMAIL_SUBJECT_PREFIX
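
Review bot: in the `try` / `except ValueError` block around `int(login_attempts)`, any value that is not an integer falls through `pass` and is assigned to `ACCOUNT_RATE_LIMITS['login_failed']` unchanged, with no validation and no log line. If accepting a full allauth rate string is intended, say so in the comment and check the format before use; otherwise warn and fall back to the default, so that a configuration typo does not reach allauth unchecked. The comment also lists `5/m/user,5/m/ip,5/m/key` while the generated string has only the `ip` and `key` parts, and `0` or a negative number is accepted as-is. In the protocol block, `SITE_URL.startswith('https://')` is case-sensitive and the fallback to `http` is silent; a log message when falling back would help operators who forgot to set `SITE_URL`. The comment `# auto-detect HTTPS prtoocol` has a typo.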


@ -292,7 +292,10 @@ The login-experience can be altered with the following settings:
| --- | --- | --- | --- |
| INVENTREE_LOGIN_CONFIRM_DAYS | login_confirm_days | Duration for which confirmation links are valid | 3 |
| INVENTREE_LOGIN_ATTEMPTS | login_attempts | Count of allowed login attempts before blocking user | 5 |
| INVENTREE_LOGIN_DEFAULT_HTTP_PROTOCOL | login_default_protocol | Default protocol to use for login callbacks (e.g. using [SSO](#single-sign-on)) | http |
| INVENTREE_LOGIN_DEFAULT_HTTP_PROTOCOL | login_default_protocol | Default protocol to use for login callbacks (e.g. using [SSO](#single-sign-on)) | Uses the protocol specified in `INVENTREE_SITE_URL`, or defaults to *http* |
!!! tip "Default Protocol"
If you have specified `INVENTREE_SITE_URL`, the default protocol will be used from that setting. Otherwise, the default protocol will be *http*.
### Authentication Backends
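
Review bot: the `INVENTREE_LOGIN_ATTEMPTS` row is left unchanged and still reads "Count of allowed login attempts before blocking user", which no longer matches the settings change in this commit, where the value becomes a per-minute limit applied per `ip` and per `key` (`f'{login_attempts}/m/ip,{login_attempts}/m/key'`) and a non-integer value is passed through as the rate string. Update the description to state the time window and the accepted formats. The new "Default Protocol" tip repeats what the table cell already says, so one of the two is enough, and it would help to state that setting `INVENTREE_LOGIN_DEFAULT_HTTP_PROTOCOL` explicitly overrides the detection from `INVENTREE_SITE_URL`.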