stages/identification: fix query logic for user lookup

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
Jens Langhammer 2021-04-21 10:09:38 +02:00
parent fec098a823
commit 57072dd6ce

View file

@ -1,5 +1,6 @@
"""Identification stage logic""" """Identification stage logic"""
from dataclasses import asdict from dataclasses import asdict
from time import sleep
from typing import Optional from typing import Optional
from django.db.models import Q from django.db.models import Q
@ -46,6 +47,7 @@ class IdentificationChallengeResponse(ChallengeResponse):
"""Validate that user exists""" """Validate that user exists"""
pre_user = self.stage.get_user(value) pre_user = self.stage.get_user(value)
if not pre_user: if not pre_user:
sleep(0.150)
LOGGER.debug("invalid_login", identifier=value) LOGGER.debug("invalid_login", identifier=value)
raise ValidationError("Failed to authenticate.") raise ValidationError("Failed to authenticate.")
self.pre_user = pre_user self.pre_user = pre_user
@ -60,7 +62,7 @@ class IdentificationStageView(ChallengeStageView):
def get_user(self, uid_value: str) -> Optional[User]: def get_user(self, uid_value: str) -> Optional[User]:
"""Find user instance. Returns None if no user was found.""" """Find user instance. Returns None if no user was found."""
current_stage: IdentificationStage = self.executor.current_stage current_stage: IdentificationStage = self.executor.current_stage
query = Q(is_active=True) query = Q()
for search_field in current_stage.user_fields: for search_field in current_stage.user_fields:
model_field = search_field model_field = search_field
if current_stage.case_insensitive_matching: if current_stage.case_insensitive_matching:
@ -68,7 +70,7 @@ class IdentificationStageView(ChallengeStageView):
else: else:
model_field += "__exact" model_field += "__exact"
query |= Q(**{model_field: uid_value}) query |= Q(**{model_field: uid_value})
users = User.objects.filter(query) users = User.objects.filter(query, is_active=True)
if users.exists(): if users.exists():
LOGGER.debug("Found user", user=users.first(), query=query) LOGGER.debug("Found user", user=users.first(), query=query)
return users.first() return users.first()