core: fix token identifier not being slugified when created with user-controller input
closes #1390 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
parent
b5c857aff4
commit
3f84abec2f
|
@ -8,6 +8,7 @@ from django.db.transaction import atomic
|
|||
from django.db.utils import IntegrityError
|
||||
from django.urls import reverse_lazy
|
||||
from django.utils.http import urlencode
|
||||
from django.utils.text import slugify
|
||||
from django.utils.timezone import now
|
||||
from django.utils.translation import gettext as _
|
||||
from django_filters.filters import BooleanFilter, CharFilter, ModelMultipleChoiceFilter
|
||||
|
@ -273,7 +274,7 @@ class UserViewSet(UsedByMixin, ModelViewSet):
|
|||
)
|
||||
group.users.add(user)
|
||||
token = Token.objects.create(
|
||||
identifier=f"service-account-{username}-password",
|
||||
identifier=slugify(f"service-account-{username}-password"),
|
||||
intent=TokenIntents.INTENT_APP_PASSWORD,
|
||||
user=user,
|
||||
expires=now() + timedelta(days=360),
|
||||
|
|
|
@ -4,6 +4,7 @@ from getpass import getuser
|
|||
|
||||
from django.core.management.base import BaseCommand
|
||||
from django.urls import reverse
|
||||
from django.utils.text import slugify
|
||||
from django.utils.timezone import now
|
||||
from django.utils.translation import gettext as _
|
||||
from structlog.stdlib import get_logger
|
||||
|
@ -42,7 +43,7 @@ class Command(BaseCommand):
|
|||
user=user,
|
||||
intent=TokenIntents.INTENT_RECOVERY,
|
||||
description=f"Recovery Token generated by {getuser()} on {_now}",
|
||||
identifier=f"ak-recovery-{user}-{_now}",
|
||||
identifier=slugify(f"ak-recovery-{user}-{_now}"),
|
||||
)
|
||||
self.stdout.write(
|
||||
(f"Store this link safely, as it will allow" f" anyone to access authentik as {user}.")
|
||||
|
|
Reference in New Issue