def authenticate_credentials(self, key):
user, token = super(TokenAuthentication, self).authenticate_credentials(key)
try:
kc_user = KeycloakModel.objects.get(user = user)
# DP ???: Should a user's roles be synced?
if self.user_exist(kc_user.UID):
return (user, token) # regular return for authenticate_credentials()
else:
# Disable the user in Django to shortcut the Keycloak lookup
user.is_active = False
user.save()
raise exceptions.AuthenticationFailed(_('User inactive or deleted.'))
except KeycloakModel.DoesNotExist:
# Regular Django user account
return (user, token)
评论列表
文章目录
