core: add support for custom urls for avatars

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
Jens Langhammer 2021-06-22 12:24:23 +02:00
parent cea1289186
commit c6ede78fba
3 changed files with 28 additions and 16 deletions

View file

@ -143,21 +143,25 @@ class User(GuardianUserMixin, AbstractUser):
@property
def avatar(self) -> str:
"""Get avatar, depending on authentik.avatar setting"""
mode = CONFIG.raw.get("authentik").get("avatars")
mode: str = CONFIG.y("avatars", "none")
if mode == "none":
return DEFAULT_AVATAR
# gravatar uses md5 for their URLs, so md5 can't be avoided
mail_hash = md5(self.email.encode("utf-8")).hexdigest() # nosec
if mode == "gravatar":
parameters = [
("s", "158"),
("r", "g"),
]
# gravatar uses md5 for their URLs, so md5 can't be avoided
mail_hash = md5(self.email.encode("utf-8")).hexdigest() # nosec
gravatar_url = (
f"{GRAVATAR_URL}/avatar/{mail_hash}?{urlencode(parameters, doseq=True)}"
)
return escape(gravatar_url)
raise ValueError(f"Invalid avatar mode {mode}")
return mode % {
"username": self.username,
"mail_hash": mail_hash,
"upn": self.attributes.get("upn", ""),
}
class Meta:

View file

@ -50,12 +50,12 @@ outposts:
# %(build_hash)s: Build hash if you're running a beta version
docker_image_base: "ghcr.io/goauthentik/%(type)s:%(version)s"
authentik:
avatars: gravatar # gravatar or none
geoip: "./GeoLite2-City.mmdb"
# Optionally add links to the footer on the login page
footer_links:
- name: Documentation
href: https://goauthentik.io/docs/
- name: authentik Website
href: https://goauthentik.io/
avatars: env://AUTHENTIK_AUTHENTIK__AVATARS?gravatar
geoip: "./GeoLite2-City.mmdb"
# Can't currently be configured via environment variables, only yaml
footer_links:
- name: Documentation
href: https://goauthentik.io/docs/
- name: authentik Website
href: https://goauthentik.io/

View file

@ -104,8 +104,16 @@ Defaults to `info`.
Placeholder for outpost docker images. Default: `ghcr.io/goauthentik/%(type)s:%(version)s`.
### AUTHENTIK_AUTHENTIK
### AUTHENTIK_AVATARS
- `AUTHENTIK_AUTHENTIK__AVATARS`
Configure how authentik should show avatars for users. Following values can be set:
Controls which avatars are shown. Defaults to `gravatar`. Can be set to `none` to disable avatars.
- `none`: Disables per-user avatars and just shows a 1x1 pixel transparent picture
- `gravatar`: Uses gravatar with the user's email address
- Any URL: If you want to use images hosted on another server, you can set any URL.
Additionally, these placeholders can be used:
- `%(username)s`: The user's username
- `%(mail_hash)s`: The email address, md5 hashed
- `%(upn)s`: The user's UPN, if set (otherwise an empty string)