stages/authenticator_validate: create a default authenticator validate stage with sensible defaults

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
Jens Langhammer 2021-10-16 00:28:56 +02:00
parent 8040e2b6e4
commit 0225bf9c99

View file

@ -0,0 +1,57 @@
# Generated by Django 3.0.3 on 2020-05-08 14:30
from django.apps.registry import Apps
from django.db import migrations
from django.db.backends.base.schema import BaseDatabaseSchemaEditor
from authentik.stages.authenticator_validate.models import default_device_classes
def create_default_validate_stage(apps: Apps, schema_editor: BaseDatabaseSchemaEditor):
Flow = apps.get_model("authentik_flows", "Flow")
FlowStageBinding = apps.get_model("authentik_flows", "FlowStageBinding")
AuthenticatorValidateStage = apps.get_model(
"authentik_stages_authenticator_validate", "AuthenticatorValidateStage"
)
db_alias = schema_editor.connection.alias
auth_flows = Flow.objects.using(db_alias).filter(slug="default-authentication-flow")
if not auth_flows.exists():
return
# If there's already a validation stage in the flow, skip
if (
AuthenticatorValidateStage.objects.using(db_alias)
.filter(flow__slug="default-authentication-flow")
.exists()
):
return
validate_stage, _ = AuthenticatorValidateStage.objects.using(db_alias).update_or_create(
name="default-authentication-mfa-validation",
defaults={
"device_classes": default_device_classes,
},
)
FlowStageBinding.objects.using(db_alias).update_or_create(
target=auth_flows.first(),
stage=validate_stage,
defaults={
"order": 30,
},
)
class Migration(migrations.Migration):
dependencies = [
("authentik_flows", "0008_default_flows"),
(
"authentik_stages_authenticator_validate",
"0008_alter_authenticatorvalidatestage_device_classes",
),
]
operations = [migrations.RunPython(create_default_validate_stage)]