-
Notifications
You must be signed in to change notification settings - Fork 26
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Improve login screen and process #3695
Closed
3 tasks done
Comments
joeribekker
added
triage
Issue needs to be validated. Remove this label if the issue considered valid.
enhancement
and removed
triage
Issue needs to be validated. Remove this label if the issue considered valid.
labels
Dec 15, 2023
sergei-maertens
added a commit
that referenced
this issue
Feb 2, 2024
Also addresses part of #3695 * Drop the maykin-django-two-factor-auth dependency - it is replaced with the upstream package through maykin-2fa * Drop phonenumbers, instead phonenumberslite is enforced by maykin-2fa
sergei-maertens
added a commit
that referenced
this issue
Feb 2, 2024
Also addresses part of #3695 * Drop the maykin-django-two-factor-auth dependency - it is replaced with the upstream package through maykin-2fa * Drop phonenumbers, instead phonenumberslite is enforced by maykin-2fa
sergei-maertens
added a commit
that referenced
this issue
Feb 3, 2024
Also addresses part of #3695 * Drop the maykin-django-two-factor-auth dependency - it is replaced with the upstream package through maykin-2fa * Drop phonenumbers, instead phonenumberslite is enforced by maykin-2fa
sergei-maertens
added a commit
that referenced
this issue
Feb 5, 2024
Also addresses part of #3695 * Drop the maykin-django-two-factor-auth dependency - it is replaced with the upstream package through maykin-2fa * Drop phonenumbers, instead phonenumberslite is enforced by maykin-2fa
sergei-maertens
added a commit
that referenced
this issue
Feb 7, 2024
Also addresses part of #3695 * Drop the maykin-django-two-factor-auth dependency - it is replaced with the upstream package through maykin-2fa * Drop phonenumbers, instead phonenumberslite is enforced by maykin-2fa
Need to handle the auto-redirect/ |
sergei-maertens
added a commit
that referenced
this issue
Feb 26, 2024
Hooking up a different url under the admin:login name was not possible, while you can replace/override that namespace, it turns out it breaks the admin:index reverse URL. Instead, overriding the actual URL with a redirect view that sends you to either the OIDC provider (while retaining the ?next param) or the classic username/password authentication page works better. It also makes it easier to test the behaviour by just toggling a setting rather than conditionally including/overriding some URLs.
sergei-maertens
added a commit
that referenced
this issue
Feb 26, 2024
sergei-maertens
added a commit
that referenced
this issue
Feb 26, 2024
sergei-maertens
added a commit
that referenced
this issue
Feb 27, 2024
sergei-maertens
added a commit
that referenced
this issue
Feb 27, 2024
Hooking up a different url under the admin:login name was not possible, while you can replace/override that namespace, it turns out it breaks the admin:index reverse URL. Instead, overriding the actual URL with a redirect view that sends you to either the OIDC provider (while retaining the ?next param) or the classic username/password authentication page works better. It also makes it easier to test the behaviour by just toggling a setting rather than conditionally including/overriding some URLs.
sergei-maertens
added a commit
that referenced
this issue
Feb 27, 2024
sergei-maertens
added a commit
that referenced
this issue
Feb 27, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Thema / Theme
Admin
Omschrijving / Description
The login process is suboptimal. 2FA is globally set but when using OIDC this should be decided by the OIDC-provider. If OIDC is used, you can still use local accounts. This should be discouraged visually.
Tasks
LOGIN_URL
an environment variable, and document it. This allows us to set it to/oidc/authenticate/
to automatically go to OIDC provider instead of showing the regular login form.2FA upgrade is also required for #3049
Added value / Toegevoegde waarde
No response
Aanvullende opmerkingen / Additional context
No response
The text was updated successfully, but these errors were encountered: