add identifiers options on login/password authn (#78046)

2023-06-14 10:18:16 +02:00 · 2023-06-14 10:18:16 +02:00 · a1169d83ff
parent 16bfe44f41
commit a1169d83ff
2 changed files with 57 additions and 0 deletions
--- a/src/authentic2/apps/authenticators/migrations/0010_auto_20230614_1017.py
+++ b/src/authentic2/apps/authenticators/migrations/0010_auto_20230614_1017.py
@ -0,0 +1,39 @@
+# Generated by Django 3.2.18 on 2023-06-14 08:17
+
+import django.db.models.deletion
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+    dependencies = [
+        ('authentic2', '0048_rename_services_runtime_settings'),
+        ('authenticators', '0009_migrate_new_password_settings'),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name='loginpasswordauthenticator',
+            name='accept_email_authentication',
+            field=models.BooleanField(
+                default=True, verbose_name='Let the users identify with their email address'
+            ),
+        ),
+        migrations.AddField(
+            model_name='loginpasswordauthenticator',
+            name='accept_phone_authentication',
+            field=models.BooleanField(
+                default=False, verbose_name='Let the users identify with their phone number'
+            ),
+        ),
+        migrations.AddField(
+            model_name='loginpasswordauthenticator',
+            name='phone_identifier_field',
+            field=models.ForeignKey(
+                null=True,
+                blank=True,
+                on_delete=django.db.models.deletion.PROTECT,
+                to='authentic2.attribute',
+                verbose_name='Phone field used as user identifier',
+            ),
+        ),
+    ]
--- a/src/authentic2/apps/authenticators/models.py
+++ b/src/authentic2/apps/authenticators/models.py
@ -33,6 +33,7 @@ from authentic2 import views
 from authentic2.a2_rbac.models import Role
 from authentic2.data_transfer import search_ou, search_role
 from authentic2.manager.utils import label_from_role
+from authentic2.models import Attribute
 from authentic2.utils.evaluate import condition_validator, evaluate_condition

 from .query import AuthenticatorManager
@ -290,6 +291,19 @@ class LoginPasswordAuthenticator(BaseAuthenticator):
        ),
    )
    include_ou_selector = models.BooleanField(_('Include OU selector in login form'), default=False)
+    accept_email_authentication = models.BooleanField(
+        _('Let the users identify with their email address'), default=True
+    )
+    accept_phone_authentication = models.BooleanField(
+        _('Let the users identify with their phone number'), default=False
+    )
+    phone_identifier_field = models.ForeignKey(
+        Attribute,
+        verbose_name=_('Phone field used as user identifier'),
+        on_delete=models.PROTECT,
+        null=True,
+        blank=True,
+    )

    password_min_length = models.PositiveIntegerField(_('Password minimum length'), default=8, null=True)
    password_regex = models.CharField(
@ -362,6 +376,10 @@ class LoginPasswordAuthenticator(BaseAuthenticator):
    class Meta:
        verbose_name = _('Password')

+    @property
+    def is_phone_authn_active(self):
+        return bool(self.accept_phone_authentication and self.phone_identifier_field)
+
    @property
    def manager_form_classes(self):
        from .forms import LoginPasswordAuthenticatorAdvancedForm, LoginPasswordAuthenticatorEditForm