fix: Password reset is only required for AUTH_BACKEND_MODEL

zhubairui · Sep 19, 2024 · 3dde80a · 3dde80a
1 parent e373a79
commit 3dde80a
Show file tree

Hide file tree

Showing 2 changed files with 14 additions and 3 deletions.
diff --git a/apps/authentication/mixins.py b/apps/authentication/mixins.py
@@ -301,6 +301,7 @@ def incr_mfa_failed_time(username, ip):
 
 
 class AuthPostCheckMixin:
+
     @classmethod
     def generate_reset_password_url_with_flash_msg(cls, user, message):
         reset_passwd_url = reverse('authentication:reset-password')
@@ -319,20 +320,26 @@ def generate_reset_password_url_with_flash_msg(cls, user, message):
 
     @classmethod
     def _check_passwd_is_too_simple(cls, user: User, password):
+        if not user.is_auth_backend_model():
+            return
         if user.check_passwd_too_simple(password):
             message = _('Your password is too simple, please change it for security')
             url = cls.generate_reset_password_url_with_flash_msg(user, message=message)
             raise errors.PasswordTooSimple(url)
 
     @classmethod
     def _check_passwd_need_update(cls, user: User):
+        if not user.is_auth_backend_model():
+            return
         if user.check_need_update_password():
             message = _('You should to change your password before login')
             url = cls.generate_reset_password_url_with_flash_msg(user, message)
             raise errors.PasswordNeedUpdate(url)
 
     @classmethod
     def _check_password_require_reset_or_not(cls, user: User):
+        if not user.is_auth_backend_model():
+            return
         if user.password_has_expired:
             message = _('Your password has expired, please reset before logging in')
             url = cls.generate_reset_password_url_with_flash_msg(user, message)

diff --git a/apps/users/models/user/_auth.py b/apps/users/models/user/_auth.py
@@ -233,13 +233,17 @@ def check_need_update_password(self):
             return True
         return False
 
-    def check_passwd_too_simple(self, password):
-        backend = getattr(self, 'backend', None)
+    @staticmethod
+    def check_passwd_too_simple(password):
         simple_passwords = ['admin', 'ChangeMe']
-        if backend == settings.AUTH_BACKEND_MODEL and password in simple_passwords:
+        if password in simple_passwords:
             return True
         return False
 
+    def is_auth_backend_model(self):
+        backend = getattr(self, 'backend', None)
+        return backend == settings.AUTH_BACKEND_MODEL
+
     @staticmethod
     def get_public_key_md5(key):
         try: