diff --git a/containers/caddy/config_example/auth_policies.json b/containers/caddy/config_example/auth_policies.json index edb2d1e..f6fc1bb 100644 --- a/containers/caddy/config_example/auth_policies.json +++ b/containers/caddy/config_example/auth_policies.json @@ -5,8 +5,7 @@ }, "totp_default": { "type": "totp", - "totp_secret": "", - "totp_before_auth": false + "totp_secret": "" }, "google_workspace_admins": { "type": "oidc", diff --git a/gatekeeper/forms.py b/gatekeeper/forms.py index 9b2b538..0e57e24 100644 --- a/gatekeeper/forms.py +++ b/gatekeeper/forms.py @@ -92,14 +92,13 @@ class AuthMethodForm(forms.ModelForm): class Meta: model = AuthMethod fields = [ - 'name', 'auth_type', 'totp_secret', 'totp_before_auth', + 'name', 'auth_type', 'totp_secret', 'oidc_provider', 'oidc_client_id', 'oidc_client_secret' ] labels = { 'name': _('Name'), 'auth_type': _('Authentication Type'), 'totp_secret': _('Global TOTP Secret'), - 'totp_before_auth': _('Global TOTP Before Authentication'), 'oidc_provider': _('OIDC Provider URL'), 'oidc_client_id': _('OIDC Client ID'), 'oidc_client_secret': _('OIDC Client Secret'), @@ -122,7 +121,6 @@ class AuthMethodForm(forms.ModelForm): Div( Div('totp_secret', css_class='col-xl-6'), Div('totp_pin', css_class='col-xl-6'), - Div('totp_before_auth', css_class='col-xl-12'), css_class='row totp-group' ), Div( diff --git a/gatekeeper/migrations/0007_remove_authmethod_totp_before_auth_and_more.py b/gatekeeper/migrations/0007_remove_authmethod_totp_before_auth_and_more.py new file mode 100644 index 0000000..e7187af --- /dev/null +++ b/gatekeeper/migrations/0007_remove_authmethod_totp_before_auth_and_more.py @@ -0,0 +1,31 @@ +# Generated by Django 5.2.12 on 2026-03-15 19:28 + +from django.db import migrations, models + + +class Migration(migrations.Migration): + + dependencies = [ + ('gatekeeper', '0006_gatekeeperuser_password_hash'), + ] + + operations = [ + migrations.RemoveField( + model_name='authmethod', + name='totp_before_auth', + ), + migrations.RemoveField( + model_name='gatekeeperuser', + name='password_hash', + ), + migrations.AlterField( + model_name='gatekeeperuser', + name='email', + field=models.EmailField(blank=True, max_length=254, unique=True), + ), + migrations.AlterField( + model_name='gatekeeperuser', + name='password', + field=models.CharField(blank=True, help_text='Password for local authentication (leave blank if not using)', max_length=250), + ), + ] diff --git a/gatekeeper/models.py b/gatekeeper/models.py index aae3079..c44d79f 100644 --- a/gatekeeper/models.py +++ b/gatekeeper/models.py @@ -15,7 +15,6 @@ class AuthMethod(models.Model): # TOTP-specific fields totp_secret = models.CharField(max_length=255, blank=True, help_text=_("Shared/global TOTP secret key")) - totp_before_auth = models.BooleanField(default=False) # OIDC-specific fields oidc_provider = models.CharField(max_length=64, blank=True) @@ -65,9 +64,8 @@ class AuthMethodAllowedEmail(models.Model): class GatekeeperUser(models.Model): username = models.SlugField(max_length=64, unique=True) - email = models.EmailField(unique=True) - password = models.CharField(blank=True, max_length=128, help_text=_("Password for local authentication (leave blank if not using)")) - password_hash = models.CharField(blank=True, null=True, max_length=128) + email = models.EmailField(unique=True, blank=True) + password = models.CharField(blank=True, max_length=250, help_text=_("Password for local authentication (leave blank if not using)")) totp_secret = models.CharField(max_length=255, blank=True, help_text=_("Per-user TOTP secret key")) created = models.DateTimeField(auto_now_add=True)