core: add API endpoint to directly set user's password

closes #2040

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
Jens Langhammer 2022-01-03 13:30:39 +01:00
parent d18a691f63
commit 3e22740eac
11 changed files with 234 additions and 35 deletions

View file

@ -3,6 +3,7 @@ from datetime import timedelta
from json import loads from json import loads
from typing import Optional from typing import Optional
from django.contrib.auth import update_session_auth_hash
from django.db.models.query import QuerySet from django.db.models.query import QuerySet
from django.db.transaction import atomic from django.db.transaction import atomic
from django.db.utils import IntegrityError from django.db.utils import IntegrityError
@ -359,6 +360,35 @@ class UserViewSet(UsedByMixin, ModelViewSet):
).data ).data
return Response(serializer.initial_data) return Response(serializer.initial_data)
@permission_required("authentik_core.reset_user_password")
@extend_schema(
request=inline_serializer(
"UserPasswordSetSerializer",
{
"password": CharField(required=True),
},
),
responses={
204: "",
400: "",
},
)
@action(detail=True, methods=["POST"])
# pylint: disable=invalid-name, unused-argument
def set_password(self, request: Request, pk: int) -> Response:
"""Set password for user"""
user: User = self.get_object()
try:
user.set_password(request.data.get("password"))
user.save()
except (ValidationError, IntegrityError) as exc:
LOGGER.debug("Failed to set password", exc=exc)
return Response(status=400)
if user.pk == request.user.pk and SESSION_IMPERSONATE_USER not in self.request.session:
LOGGER.debug("Updating session hash after password change")
update_session_auth_hash(self.request, user)
return Response(status=204)
@extend_schema(request=UserSelfSerializer, responses={200: SessionUserSerializer(many=False)}) @extend_schema(request=UserSelfSerializer, responses={200: SessionUserSerializer(many=False)})
@action( @action(
methods=["PUT"], methods=["PUT"],

View file

@ -5,6 +5,7 @@ from rest_framework.test import APITestCase
from authentik.core.models import USER_ATTRIBUTE_CHANGE_EMAIL, USER_ATTRIBUTE_CHANGE_USERNAME, User from authentik.core.models import USER_ATTRIBUTE_CHANGE_EMAIL, USER_ATTRIBUTE_CHANGE_USERNAME, User
from authentik.core.tests.utils import create_test_admin_user, create_test_flow, create_test_tenant from authentik.core.tests.utils import create_test_admin_user, create_test_flow, create_test_tenant
from authentik.flows.models import FlowDesignation from authentik.flows.models import FlowDesignation
from authentik.lib.generators import generate_key
from authentik.stages.email.models import EmailStage from authentik.stages.email.models import EmailStage
from authentik.tenants.models import Tenant from authentik.tenants.models import Tenant
@ -68,6 +69,18 @@ class TestUsersAPI(APITestCase):
) )
self.assertEqual(response.status_code, 404) self.assertEqual(response.status_code, 404)
def test_set_password(self):
"""Test Direct password set"""
self.client.force_login(self.admin)
new_pw = generate_key()
response = self.client.post(
reverse("authentik_api:user-set-password", kwargs={"pk": self.admin.pk}),
data={"password": new_pw},
)
self.assertEqual(response.status_code, 204)
self.admin.refresh_from_db()
self.assertTrue(self.admin.check_password(new_pw))
def test_recovery(self): def test_recovery(self):
"""Test user recovery link (no recovery flow set)""" """Test user recovery link (no recovery flow set)"""
flow = create_test_flow(FlowDesignation.RECOVERY) flow = create_test_flow(FlowDesignation.RECOVERY)

View file

@ -8,7 +8,7 @@ msgid ""
msgstr "" msgstr ""
"Project-Id-Version: PACKAGE VERSION\n" "Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n" "Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2022-01-01 14:02+0000\n" "POT-Creation-Date: 2022-01-03 12:29+0000\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n" "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n" "Language-Team: LANGUAGE <LL@li.org>\n"
@ -39,99 +39,99 @@ msgstr ""
msgid "Create a SAML Provider by importing its Metadata." msgid "Create a SAML Provider by importing its Metadata."
msgstr "" msgstr ""
#: authentik/core/models.py:68 #: authentik/core/models.py:69
msgid "name" msgid "name"
msgstr "" msgstr ""
#: authentik/core/models.py:70 #: authentik/core/models.py:71
msgid "Users added to this group will be superusers." msgid "Users added to this group will be superusers."
msgstr "" msgstr ""
#: authentik/core/models.py:128 #: authentik/core/models.py:129
msgid "User's display name." msgid "User's display name."
msgstr "" msgstr ""
#: authentik/core/models.py:195 authentik/providers/oauth2/models.py:299 #: authentik/core/models.py:212 authentik/providers/oauth2/models.py:299
msgid "User" msgid "User"
msgstr "" msgstr ""
#: authentik/core/models.py:196 #: authentik/core/models.py:213
msgid "Users" msgid "Users"
msgstr "" msgstr ""
#: authentik/core/models.py:207 #: authentik/core/models.py:224
msgid "Flow used when authorizing this provider." msgid "Flow used when authorizing this provider."
msgstr "" msgstr ""
#: authentik/core/models.py:240 #: authentik/core/models.py:257
msgid "Application's display Name." msgid "Application's display Name."
msgstr "" msgstr ""
#: authentik/core/models.py:241 #: authentik/core/models.py:258
msgid "Internal application name, used in URLs." msgid "Internal application name, used in URLs."
msgstr "" msgstr ""
#: authentik/core/models.py:294 #: authentik/core/models.py:311
msgid "Application" msgid "Application"
msgstr "" msgstr ""
#: authentik/core/models.py:295 #: authentik/core/models.py:312
msgid "Applications" msgid "Applications"
msgstr "" msgstr ""
#: authentik/core/models.py:301 #: authentik/core/models.py:318
msgid "Use the source-specific identifier" msgid "Use the source-specific identifier"
msgstr "" msgstr ""
#: authentik/core/models.py:309 #: authentik/core/models.py:326
msgid "" msgid ""
"Use the user's email address, but deny enrollment when the email address " "Use the user's email address, but deny enrollment when the email address "
"already exists." "already exists."
msgstr "" msgstr ""
#: authentik/core/models.py:318 #: authentik/core/models.py:335
msgid "" msgid ""
"Use the user's username, but deny enrollment when the username already " "Use the user's username, but deny enrollment when the username already "
"exists." "exists."
msgstr "" msgstr ""
#: authentik/core/models.py:325 #: authentik/core/models.py:342
msgid "Source's display Name." msgid "Source's display Name."
msgstr "" msgstr ""
#: authentik/core/models.py:326 #: authentik/core/models.py:343
msgid "Internal source name, used in URLs." msgid "Internal source name, used in URLs."
msgstr "" msgstr ""
#: authentik/core/models.py:337 #: authentik/core/models.py:354
msgid "Flow to use when authenticating existing users." msgid "Flow to use when authenticating existing users."
msgstr "" msgstr ""
#: authentik/core/models.py:346 #: authentik/core/models.py:363
msgid "Flow to use when enrolling new users." msgid "Flow to use when enrolling new users."
msgstr "" msgstr ""
#: authentik/core/models.py:484 #: authentik/core/models.py:501
msgid "Token" msgid "Token"
msgstr "" msgstr ""
#: authentik/core/models.py:485 #: authentik/core/models.py:502
msgid "Tokens" msgid "Tokens"
msgstr "" msgstr ""
#: authentik/core/models.py:528 #: authentik/core/models.py:545
msgid "Property Mapping" msgid "Property Mapping"
msgstr "" msgstr ""
#: authentik/core/models.py:529 #: authentik/core/models.py:546
msgid "Property Mappings" msgid "Property Mappings"
msgstr "" msgstr ""
#: authentik/core/models.py:565 #: authentik/core/models.py:582
msgid "Authenticated Session" msgid "Authenticated Session"
msgstr "" msgstr ""
#: authentik/core/models.py:566 #: authentik/core/models.py:583
msgid "Authenticated Sessions" msgid "Authenticated Sessions"
msgstr "" msgstr ""

View file

@ -3269,6 +3269,34 @@ paths:
$ref: '#/components/schemas/ValidationError' $ref: '#/components/schemas/ValidationError'
'403': '403':
$ref: '#/components/schemas/GenericError' $ref: '#/components/schemas/GenericError'
/core/users/{id}/set_password/:
post:
operationId: core_users_set_password_create
description: Set password for user
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this User.
required: true
tags:
- core
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/UserPasswordSetRequest'
required: true
security:
- authentik: []
responses:
'204':
description: No response body
'400':
description: No response body
'403':
$ref: '#/components/schemas/GenericError'
/core/users/{id}/used_by/: /core/users/{id}/used_by/:
get: get:
operationId: core_users_used_by_list operationId: core_users_used_by_list
@ -31091,6 +31119,14 @@ components:
- identifier - identifier
- source - source
- user - user
UserPasswordSetRequest:
type: object
properties:
password:
type: string
minLength: 1
required:
- password
UserReputation: UserReputation:
type: object type: object
description: UserReputation Serializer description: UserReputation Serializer

View file

@ -3441,6 +3441,7 @@ msgstr "Passing"
#: src/flows/stages/identification/IdentificationStage.ts #: src/flows/stages/identification/IdentificationStage.ts
#: src/flows/stages/password/PasswordStage.ts #: src/flows/stages/password/PasswordStage.ts
#: src/pages/users/ServiceAccountForm.ts #: src/pages/users/ServiceAccountForm.ts
#: src/pages/users/UserPasswordForm.ts
msgid "Password" msgid "Password"
msgstr "Password" msgstr "Password"
@ -4259,6 +4260,10 @@ msgstr "Set a custom HTTP-Basic Authentication header based on values from authe
msgid "Set custom attributes using YAML or JSON." msgid "Set custom attributes using YAML or JSON."
msgstr "Set custom attributes using YAML or JSON." msgstr "Set custom attributes using YAML or JSON."
#: src/pages/users/UserListPage.ts
msgid "Set password"
msgstr "Set password"
#: src/pages/providers/proxy/ProxyProviderForm.ts #: src/pages/providers/proxy/ProxyProviderForm.ts
msgid "Set this to the domain you wish the authentication to be valid for. Must be a parent domain of the URL above. If you're running applications as app1.domain.tld, app2.domain.tld, set this to 'domain.tld'." msgid "Set this to the domain you wish the authentication to be valid for. Must be a parent domain of the URL above. If you're running applications as app1.domain.tld, app2.domain.tld, set this to 'domain.tld'."
msgstr "Set this to the domain you wish the authentication to be valid for. Must be a parent domain of the URL above. If you're running applications as app1.domain.tld, app2.domain.tld, set this to 'domain.tld'." msgstr "Set this to the domain you wish the authentication to be valid for. Must be a parent domain of the URL above. If you're running applications as app1.domain.tld, app2.domain.tld, set this to 'domain.tld'."
@ -4765,6 +4770,10 @@ msgstr "Successfully updated mapping."
msgid "Successfully updated outpost." msgid "Successfully updated outpost."
msgstr "Successfully updated outpost." msgstr "Successfully updated outpost."
#: src/pages/users/UserPasswordForm.ts
msgid "Successfully updated password."
msgstr "Successfully updated password."
#: src/pages/policies/dummy/DummyPolicyForm.ts #: src/pages/policies/dummy/DummyPolicyForm.ts
#: src/pages/policies/event_matcher/EventMatcherPolicyForm.ts #: src/pages/policies/event_matcher/EventMatcherPolicyForm.ts
#: src/pages/policies/expiry/ExpiryPolicyForm.ts #: src/pages/policies/expiry/ExpiryPolicyForm.ts
@ -5155,8 +5164,12 @@ msgid "To create a recovery link, the current tenant needs to have a recovery fl
msgstr "To create a recovery link, the current tenant needs to have a recovery flow configured." msgstr "To create a recovery link, the current tenant needs to have a recovery flow configured."
#: src/pages/users/UserListPage.ts #: src/pages/users/UserListPage.ts
msgid "To directly reset a user's password, configure a recovery flow on the currently active tenant." #~ msgid "To directly reset a user's password, configure a recovery flow on the currently active tenant."
msgstr "To directly reset a user's password, configure a recovery flow on the currently active tenant." #~ msgstr "To directly reset a user's password, configure a recovery flow on the currently active tenant."
#: src/pages/users/UserListPage.ts
msgid "To let a user directly reset a their password, configure a recovery flow on the currently active tenant."
msgstr "To let a user directly reset a their password, configure a recovery flow on the currently active tenant."
#: src/pages/sources/ldap/LDAPSourceForm.ts #: src/pages/sources/ldap/LDAPSourceForm.ts
msgid "To use SSL instead, use 'ldaps://' and disable this option." msgid "To use SSL instead, use 'ldaps://' and disable this option."
@ -5520,6 +5533,11 @@ msgstr "Update available"
msgid "Update details" msgid "Update details"
msgstr "Update details" msgstr "Update details"
#: src/pages/users/UserListPage.ts
#: src/pages/users/UserListPage.ts
msgid "Update password"
msgstr "Update password"
#: src/pages/flows/BoundStagesList.ts #: src/pages/flows/BoundStagesList.ts
#: src/pages/outposts/ServiceConnectionListPage.ts #: src/pages/outposts/ServiceConnectionListPage.ts
#: src/pages/policies/BoundPoliciesList.ts #: src/pages/policies/BoundPoliciesList.ts

View file

@ -3414,6 +3414,7 @@ msgstr "Réussite"
#: src/flows/stages/identification/IdentificationStage.ts #: src/flows/stages/identification/IdentificationStage.ts
#: src/flows/stages/password/PasswordStage.ts #: src/flows/stages/password/PasswordStage.ts
#: src/pages/users/ServiceAccountForm.ts #: src/pages/users/ServiceAccountForm.ts
#: src/pages/users/UserPasswordForm.ts
msgid "Password" msgid "Password"
msgstr "Mot de passe" msgstr "Mot de passe"
@ -4223,6 +4224,10 @@ msgstr "Définir un en-tête d'authentification HTTP-Basic personnalisé basé s
msgid "Set custom attributes using YAML or JSON." msgid "Set custom attributes using YAML or JSON."
msgstr "Définissez des attributs personnalisés via YAML ou JSON." msgstr "Définissez des attributs personnalisés via YAML ou JSON."
#: src/pages/users/UserListPage.ts
msgid "Set password"
msgstr ""
#: src/pages/providers/proxy/ProxyProviderForm.ts #: src/pages/providers/proxy/ProxyProviderForm.ts
msgid "Set this to the domain you wish the authentication to be valid for. Must be a parent domain of the URL above. If you're running applications as app1.domain.tld, app2.domain.tld, set this to 'domain.tld'." msgid "Set this to the domain you wish the authentication to be valid for. Must be a parent domain of the URL above. If you're running applications as app1.domain.tld, app2.domain.tld, set this to 'domain.tld'."
msgstr "" msgstr ""
@ -4724,6 +4729,10 @@ msgstr "Mapping mis à jour avec succès"
msgid "Successfully updated outpost." msgid "Successfully updated outpost."
msgstr "Avant-poste mis à jour avec succès" msgstr "Avant-poste mis à jour avec succès"
#: src/pages/users/UserPasswordForm.ts
msgid "Successfully updated password."
msgstr ""
#: src/pages/policies/dummy/DummyPolicyForm.ts #: src/pages/policies/dummy/DummyPolicyForm.ts
#: src/pages/policies/event_matcher/EventMatcherPolicyForm.ts #: src/pages/policies/event_matcher/EventMatcherPolicyForm.ts
#: src/pages/policies/expiry/ExpiryPolicyForm.ts #: src/pages/policies/expiry/ExpiryPolicyForm.ts
@ -5099,8 +5108,12 @@ msgid "To create a recovery link, the current tenant needs to have a recovery fl
msgstr "Pour créer un lien de récupération, le locataire actuel doit avoir un flux de récupération configuré." msgstr "Pour créer un lien de récupération, le locataire actuel doit avoir un flux de récupération configuré."
#: src/pages/users/UserListPage.ts #: src/pages/users/UserListPage.ts
msgid "To directly reset a user's password, configure a recovery flow on the currently active tenant." #~ msgid "To directly reset a user's password, configure a recovery flow on the currently active tenant."
msgstr "Pour réinitialiser directement le mot de passe d'un utilisateur, configurez un flux de récupération sur le locataire actuel." #~ msgstr "Pour réinitialiser directement le mot de passe d'un utilisateur, configurez un flux de récupération sur le locataire actuel."
#: src/pages/users/UserListPage.ts
msgid "To let a user directly reset a their password, configure a recovery flow on the currently active tenant."
msgstr ""
#: src/pages/sources/ldap/LDAPSourceForm.ts #: src/pages/sources/ldap/LDAPSourceForm.ts
msgid "To use SSL instead, use 'ldaps://' and disable this option." msgid "To use SSL instead, use 'ldaps://' and disable this option."
@ -5461,6 +5474,11 @@ msgstr "Mise à jour disponibl"
msgid "Update details" msgid "Update details"
msgstr "Détails de la mise à jour" msgstr "Détails de la mise à jour"
#: src/pages/users/UserListPage.ts
#: src/pages/users/UserListPage.ts
msgid "Update password"
msgstr ""
#: src/pages/flows/BoundStagesList.ts #: src/pages/flows/BoundStagesList.ts
#: src/pages/outposts/ServiceConnectionListPage.ts #: src/pages/outposts/ServiceConnectionListPage.ts
#: src/pages/policies/BoundPoliciesList.ts #: src/pages/policies/BoundPoliciesList.ts

View file

@ -3431,6 +3431,7 @@ msgstr ""
#: src/flows/stages/identification/IdentificationStage.ts #: src/flows/stages/identification/IdentificationStage.ts
#: src/flows/stages/password/PasswordStage.ts #: src/flows/stages/password/PasswordStage.ts
#: src/pages/users/ServiceAccountForm.ts #: src/pages/users/ServiceAccountForm.ts
#: src/pages/users/UserPasswordForm.ts
msgid "Password" msgid "Password"
msgstr "" msgstr ""
@ -4249,6 +4250,10 @@ msgstr ""
msgid "Set custom attributes using YAML or JSON." msgid "Set custom attributes using YAML or JSON."
msgstr "" msgstr ""
#: src/pages/users/UserListPage.ts
msgid "Set password"
msgstr ""
#: src/pages/providers/proxy/ProxyProviderForm.ts #: src/pages/providers/proxy/ProxyProviderForm.ts
msgid "Set this to the domain you wish the authentication to be valid for. Must be a parent domain of the URL above. If you're running applications as app1.domain.tld, app2.domain.tld, set this to 'domain.tld'." msgid "Set this to the domain you wish the authentication to be valid for. Must be a parent domain of the URL above. If you're running applications as app1.domain.tld, app2.domain.tld, set this to 'domain.tld'."
msgstr "" msgstr ""
@ -4755,6 +4760,10 @@ msgstr ""
msgid "Successfully updated outpost." msgid "Successfully updated outpost."
msgstr "" msgstr ""
#: src/pages/users/UserPasswordForm.ts
msgid "Successfully updated password."
msgstr ""
#: src/pages/policies/dummy/DummyPolicyForm.ts #: src/pages/policies/dummy/DummyPolicyForm.ts
#: src/pages/policies/event_matcher/EventMatcherPolicyForm.ts #: src/pages/policies/event_matcher/EventMatcherPolicyForm.ts
#: src/pages/policies/expiry/ExpiryPolicyForm.ts #: src/pages/policies/expiry/ExpiryPolicyForm.ts
@ -5135,7 +5144,11 @@ msgid "To create a recovery link, the current tenant needs to have a recovery fl
msgstr "" msgstr ""
#: src/pages/users/UserListPage.ts #: src/pages/users/UserListPage.ts
msgid "To directly reset a user's password, configure a recovery flow on the currently active tenant." #~ msgid "To directly reset a user's password, configure a recovery flow on the currently active tenant."
#~ msgstr ""
#: src/pages/users/UserListPage.ts
msgid "To let a user directly reset a their password, configure a recovery flow on the currently active tenant."
msgstr "" msgstr ""
#: src/pages/sources/ldap/LDAPSourceForm.ts #: src/pages/sources/ldap/LDAPSourceForm.ts
@ -5500,6 +5513,11 @@ msgstr ""
msgid "Update details" msgid "Update details"
msgstr "" msgstr ""
#: src/pages/users/UserListPage.ts
#: src/pages/users/UserListPage.ts
msgid "Update password"
msgstr ""
#: src/pages/flows/BoundStagesList.ts #: src/pages/flows/BoundStagesList.ts
#: src/pages/outposts/ServiceConnectionListPage.ts #: src/pages/outposts/ServiceConnectionListPage.ts
#: src/pages/policies/BoundPoliciesList.ts #: src/pages/policies/BoundPoliciesList.ts

View file

@ -3383,6 +3383,7 @@ msgstr "Geçiyor"
#: src/flows/stages/identification/IdentificationStage.ts #: src/flows/stages/identification/IdentificationStage.ts
#: src/flows/stages/password/PasswordStage.ts #: src/flows/stages/password/PasswordStage.ts
#: src/pages/users/ServiceAccountForm.ts #: src/pages/users/ServiceAccountForm.ts
#: src/pages/users/UserPasswordForm.ts
msgid "Password" msgid "Password"
msgstr "Parola" msgstr "Parola"
@ -4182,6 +4183,10 @@ msgstr "authentik değerlerine göre özel bir HTTP-Basic Kimlik Doğrulama baş
msgid "Set custom attributes using YAML or JSON." msgid "Set custom attributes using YAML or JSON."
msgstr "YAML veya JSON kullanarak özel nitelikleri ayarlayın." msgstr "YAML veya JSON kullanarak özel nitelikleri ayarlayın."
#: src/pages/users/UserListPage.ts
msgid "Set password"
msgstr ""
#: src/pages/providers/proxy/ProxyProviderForm.ts #: src/pages/providers/proxy/ProxyProviderForm.ts
msgid "Set this to the domain you wish the authentication to be valid for. Must be a parent domain of the URL above. If you're running applications as app1.domain.tld, app2.domain.tld, set this to 'domain.tld'." msgid "Set this to the domain you wish the authentication to be valid for. Must be a parent domain of the URL above. If you're running applications as app1.domain.tld, app2.domain.tld, set this to 'domain.tld'."
msgstr "Bunu kimlik doğrulamasının geçerli olmasını istediğiniz etki alanına ayarlayın. Yukarıdaki URL'nin bir üst etki alanı olmalıdır. Uygulamaları app1.domain.tld, app2.domain.tld olarak çalıştırıyorsanız, bunu 'domain.tld' olarak ayarlayın." msgstr "Bunu kimlik doğrulamasının geçerli olmasını istediğiniz etki alanına ayarlayın. Yukarıdaki URL'nin bir üst etki alanı olmalıdır. Uygulamaları app1.domain.tld, app2.domain.tld olarak çalıştırıyorsanız, bunu 'domain.tld' olarak ayarlayın."
@ -4671,6 +4676,10 @@ msgstr "Eşleme başarıyla güncellendi."
msgid "Successfully updated outpost." msgid "Successfully updated outpost."
msgstr "İleri üssü başarıyla güncelledi." msgstr "İleri üssü başarıyla güncelledi."
#: src/pages/users/UserPasswordForm.ts
msgid "Successfully updated password."
msgstr ""
#: src/pages/policies/dummy/DummyPolicyForm.ts #: src/pages/policies/dummy/DummyPolicyForm.ts
#: src/pages/policies/event_matcher/EventMatcherPolicyForm.ts #: src/pages/policies/event_matcher/EventMatcherPolicyForm.ts
#: src/pages/policies/expiry/ExpiryPolicyForm.ts #: src/pages/policies/expiry/ExpiryPolicyForm.ts
@ -5050,8 +5059,12 @@ msgid "To create a recovery link, the current tenant needs to have a recovery fl
msgstr "Kurtarma bağlantısı oluşturmak için geçerli sakinin yapılandırılmış bir kurtarma akışı olması gerekir." msgstr "Kurtarma bağlantısı oluşturmak için geçerli sakinin yapılandırılmış bir kurtarma akışı olması gerekir."
#: src/pages/users/UserListPage.ts #: src/pages/users/UserListPage.ts
msgid "To directly reset a user's password, configure a recovery flow on the currently active tenant." #~ msgid "To directly reset a user's password, configure a recovery flow on the currently active tenant."
msgstr "Bir kullanıcının parolasını doğrudan sıfırlamak için, etkin olan sakin üzerinde bir kurtarma akışı yapılandırın." #~ msgstr "Bir kullanıcının parolasını doğrudan sıfırlamak için, etkin olan sakin üzerinde bir kurtarma akışı yapılandırın."
#: src/pages/users/UserListPage.ts
msgid "To let a user directly reset a their password, configure a recovery flow on the currently active tenant."
msgstr ""
#: src/pages/sources/ldap/LDAPSourceForm.ts #: src/pages/sources/ldap/LDAPSourceForm.ts
msgid "To use SSL instead, use 'ldaps://' and disable this option." msgid "To use SSL instead, use 'ldaps://' and disable this option."
@ -5412,6 +5425,11 @@ msgstr "Güncelleme mevcut"
msgid "Update details" msgid "Update details"
msgstr "Ayrıntıları güncelle" msgstr "Ayrıntıları güncelle"
#: src/pages/users/UserListPage.ts
#: src/pages/users/UserListPage.ts
msgid "Update password"
msgstr ""
#: src/pages/flows/BoundStagesList.ts #: src/pages/flows/BoundStagesList.ts
#: src/pages/outposts/ServiceConnectionListPage.ts #: src/pages/outposts/ServiceConnectionListPage.ts
#: src/pages/policies/BoundPoliciesList.ts #: src/pages/policies/BoundPoliciesList.ts

View file

@ -404,7 +404,7 @@ export class ProxyProviderFormPage extends ModelForm<ProxyProvider, number> {
<ak-form-element-horizontal <ak-form-element-horizontal
label="${this.mode === ProxyMode.ForwardDomain label="${this.mode === ProxyMode.ForwardDomain
? t`Unauthenticated URLs` ? t`Unauthenticated URLs`
: t`Unauthenticated Paths`}${t``}" : t`Unauthenticated Paths`}"
name="skipPathRegex" name="skipPathRegex"
> >
<textarea class="pf-c-form-control"> <textarea class="pf-c-form-control">

View file

@ -26,6 +26,7 @@ import { first } from "../../utils";
import "./ServiceAccountForm"; import "./ServiceAccountForm";
import "./UserActiveForm"; import "./UserActiveForm";
import "./UserForm"; import "./UserForm";
import "./UserPasswordForm";
import "./UserResetEmailForm"; import "./UserResetEmailForm";
@customElement("ak-user-list") @customElement("ak-user-list")
@ -204,12 +205,23 @@ export class UserListPage extends TablePage<User> {
</dt> </dt>
<dd class="pf-c-description-list__description"> <dd class="pf-c-description-list__description">
<div class="pf-c-description-list__text"> <div class="pf-c-description-list__text">
<ak-forms-modal>
<span slot="submit">${t`Update password`}</span>
<span slot="header">${t`Update password`}</span>
<ak-user-password-form
slot="form"
.instancePk=${item.pk}
></ak-user-password-form>
<button slot="trigger" class="pf-c-button pf-m-secondary">
${t`Set password`}
</button>
</ak-forms-modal>
${until( ${until(
tenant().then((tenant) => { tenant().then((tenant) => {
if (!tenant.flowRecovery) { if (!tenant.flowRecovery) {
return html` return html`
<p> <p>
${t`To directly reset a user's password, configure a recovery flow on the currently active tenant.`} ${t`To let a user directly reset a their password, configure a recovery flow on the currently active tenant.`}
</p> </p>
`; `;
} }

View file

@ -0,0 +1,36 @@
import { t } from "@lingui/macro";
import { TemplateResult, html } from "lit";
import { customElement, property } from "lit/decorators.js";
import { CoreApi, UserPasswordSetRequest } from "@goauthentik/api";
import { DEFAULT_CONFIG } from "../../api/Config";
import "../../elements/buttons/SpinnerButton";
import { Form } from "../../elements/forms/Form";
import "../../elements/forms/HorizontalFormElement";
@customElement("ak-user-password-form")
export class UserPasswordForm extends Form<UserPasswordSetRequest> {
@property({ type: Number })
instancePk?: number;
getSuccessMessage(): string {
return t`Successfully updated password.`;
}
send = (data: UserPasswordSetRequest): Promise<void> => {
return new CoreApi(DEFAULT_CONFIG).coreUsersSetPasswordCreate({
id: this.instancePk || 0,
userPasswordSetRequest: data,
});
};
renderForm(): TemplateResult {
return html`<form class="pf-c-form pf-m-horizontal">
<ak-form-element-horizontal label=${t`Password`} ?required=${true} name="password">
<input type="password" value="" class="pf-c-form-control" required />
</ak-form-element-horizontal>
</form>`;
}
}