OCA
/
server-tools
5
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1740 Commits
13 Branches
0 Tags
45 MiB
Tree: 35f9f1e3c9
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '35f9f1e3c9'
${ noResults }
server-tools/auth_totp_password_security/controllers/main.py

26 lines
967 B
Raw Normal View History

[ADD] auth_totp_password_security: Compatibility * Overload mfa_login_post action introduced by auth_totp so that password expiration check from password_security still happens during an MFA login * Add unit tests for new logic
7 years ago
  1. # -*- coding: utf-8 -*-
  2. # Copyright 2017 LasLabs Inc.
  3. # License LGPL-3.0 or later (http://www.gnu.org/licenses/lgpl.html)
  5. from openerp.http import redirect_with_hash, request, route
  6. from openerp.addons.auth_totp.controllers.main import AuthTotp
  9. class AuthTotpPasswordSecurity(AuthTotp):
  10. @route()
  11. def mfa_login_post(self, *args, **kwargs):
  12. """Overload to check password expiration after MFA login"""
  13. super_object = super(AuthTotpPasswordSecurity, self)
  14. response = super_object.mfa_login_post(*args, **kwargs)
  16. if not request.params.get('login_success'):
  17. return response
  19. user = request.env['res.users'].sudo().browse(request.uid)
  20. if user._password_has_expired():
  21. user.action_expire_password()
  22. request.session.logout(keep_db=True)
  23. request.params['login_success'] = False
  24. return redirect_with_hash(user.partner_id.signup_url)
  26. return response