stages/password: handle authenticate() throwing a ValidationError
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
parent
aefeb5bacf
commit
7b0005ac42
|
@ -8,7 +8,7 @@ from django.core.exceptions import PermissionDenied
|
||||||
from django.http import HttpRequest, HttpResponse
|
from django.http import HttpRequest, HttpResponse
|
||||||
from django.urls import reverse
|
from django.urls import reverse
|
||||||
from django.utils.translation import gettext as _
|
from django.utils.translation import gettext as _
|
||||||
from rest_framework.exceptions import ErrorDetail
|
from rest_framework.exceptions import ErrorDetail, ValidationError
|
||||||
from rest_framework.fields import CharField
|
from rest_framework.fields import CharField
|
||||||
from structlog.stdlib import get_logger
|
from structlog.stdlib import get_logger
|
||||||
|
|
||||||
|
@ -127,6 +127,12 @@ class PasswordStageView(ChallengeStageView):
|
||||||
# User was found, but permission was denied (i.e. user is not active)
|
# User was found, but permission was denied (i.e. user is not active)
|
||||||
LOGGER.debug("Denied access", **auth_kwargs)
|
LOGGER.debug("Denied access", **auth_kwargs)
|
||||||
return self.executor.stage_invalid()
|
return self.executor.stage_invalid()
|
||||||
|
except ValidationError as exc:
|
||||||
|
del auth_kwargs["password"]
|
||||||
|
# User was found, authentication succeeded, but another signal raised an error
|
||||||
|
# (most likely LDAP)
|
||||||
|
LOGGER.debug("Validation error from signal", exc=exc, **auth_kwargs)
|
||||||
|
return self.executor.stage_invalid()
|
||||||
else:
|
else:
|
||||||
if not user:
|
if not user:
|
||||||
# No user was found -> invalid credentials
|
# No user was found -> invalid credentials
|
||||||
|
|
Reference in New Issue