From 42e96d2f1495d42b375ccfbb78e1c3578f558580 Mon Sep 17 00:00:00 2001 From: Ariel Rin Date: Mon, 11 Dec 2023 22:15:12 +1000 Subject: [PATCH 1/5] close the python section to fix mysql tabs/steps --- docs/installation/allianceauth.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/docs/installation/allianceauth.md b/docs/installation/allianceauth.md index 9f7b622b..1e93297f 100644 --- a/docs/installation/allianceauth.md +++ b/docs/installation/allianceauth.md @@ -120,12 +120,14 @@ cd Python-3.11.5/ sudo make altinstall ``` +::: +:::: + ### Database It's recommended to use a database service instead of SQLite. Many options are available, but this guide will use MariaDB 10.11 ::::{tabs} - :::{group-tab} Ubuntu 2004, 2204 Follow the instructions at to add the MariaDB repository to your host. From bd8ef848620af1bc651990ee34471b036288f206 Mon Sep 17 00:00:00 2001 From: colcrunch Date: Mon, 11 Dec 2023 18:13:24 -0500 Subject: [PATCH 2/5] Delete tokens that can not be used for logins. --- allianceauth/authentication/views.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/allianceauth/authentication/views.py b/allianceauth/authentication/views.py index 15c746c7..2a06f11c 100644 --- a/allianceauth/authentication/views.py +++ b/allianceauth/authentication/views.py @@ -172,6 +172,8 @@ def sso_login(request, token): # Go to Step 2 return redirect('registration_register') messages.error(request, _('Unable to authenticate as the selected character.')) + # Logging in with an alt is not allowed due to security concerns. + token.delete() return redirect(settings.LOGIN_URL) From c558a980e16d8a23ba2d0a1f57e0762978c4c0e7 Mon Sep 17 00:00:00 2001 From: colcrunch Date: Mon, 11 Dec 2023 18:14:09 -0500 Subject: [PATCH 3/5] Add more detail to error message displayed on failed alt login. --- allianceauth/authentication/views.py | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/allianceauth/authentication/views.py b/allianceauth/authentication/views.py index 2a06f11c..ddb43eb1 100644 --- a/allianceauth/authentication/views.py +++ b/allianceauth/authentication/views.py @@ -171,9 +171,12 @@ def sso_login(request, token): request.session['registration_uid'] = user.pk # Go to Step 2 return redirect('registration_register') - messages.error(request, _('Unable to authenticate as the selected character.')) # Logging in with an alt is not allowed due to security concerns. token.delete() + messages.error(request, + _('Unable to authenticate as the selected character. ' + 'Please log in with the main character associated with this account.') + ) return redirect(settings.LOGIN_URL) From 65e1545a669d8d476e46b79216d759802e451491 Mon Sep 17 00:00:00 2001 From: colcrunch Date: Mon, 11 Dec 2023 18:16:34 -0500 Subject: [PATCH 4/5] Remove all references to messages as they are never relayed to the user. --- allianceauth/authentication/backends.py | 9 ++------- 1 file changed, 2 insertions(+), 7 deletions(-) diff --git a/allianceauth/authentication/backends.py b/allianceauth/authentication/backends.py index f7b2038f..260dd293 100644 --- a/allianceauth/authentication/backends.py +++ b/allianceauth/authentication/backends.py @@ -2,7 +2,6 @@ import logging from django.contrib.auth.backends import ModelBackend from django.contrib.auth.models import User, Permission -from django.contrib import messages from .models import UserProfile, CharacterOwnership, OwnershipRecord @@ -41,9 +40,7 @@ class StateBackend(ModelBackend): if ownership.user.profile.main_character: if ownership.user.profile.main_character.character_id == token.character_id: return ownership.user - else: ## this is an alt, enforce main only. - if request: - messages.error("Unable to authenticate with this Character, Please log in with the main character associated with this account.") + else: # this is an alt, enforce main only. return None else: logger.debug(f'{token.character_name} has changed ownership. Creating new user account.') @@ -66,9 +63,7 @@ class StateBackend(ModelBackend): user = records[0].user if user.profile.main_character: if user.profile.main_character.character_id != token.character_id: - ## this is an alt, enforce main only due to trust issues in SSO. - if request: - messages.error("Unable to authenticate with this Character, Please log in with the main character associated with this account. Then add this character from the dashboard.") + # this is an alt, enforce main only due to trust issues in SSO. return None token.user = user From c15b955d5e55ae0d932b3486e66e050e82df5872 Mon Sep 17 00:00:00 2001 From: colcrunch Date: Mon, 11 Dec 2023 18:37:35 -0500 Subject: [PATCH 5/5] Make pre-commit happy --- allianceauth/authentication/views.py | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/allianceauth/authentication/views.py b/allianceauth/authentication/views.py index ddb43eb1..c5c036bf 100644 --- a/allianceauth/authentication/views.py +++ b/allianceauth/authentication/views.py @@ -173,10 +173,11 @@ def sso_login(request, token): return redirect('registration_register') # Logging in with an alt is not allowed due to security concerns. token.delete() - messages.error(request, - _('Unable to authenticate as the selected character. ' - 'Please log in with the main character associated with this account.') - ) + messages.error( + request, + _('Unable to authenticate as the selected character. ' + 'Please log in with the main character associated with this account.') + ) return redirect(settings.LOGIN_URL)