remove unused TOTP field and update user model constraints

2026-03-17 14:26:18 +00:00 · 2026-03-15 16:29:20 -03:00
parent 6b70701c9c
commit 517bd14bdb
4 changed files with 35 additions and 9 deletions
--- a/containers/caddy/config_example/auth_policies.json
+++ b/containers/caddy/config_example/auth_policies.json
@@ -5,8 +5,7 @@
    },
    "totp_default": {
      "type": "totp",
-      "totp_secret": "",
+      "totp_secret": ""
      "totp_before_auth": false
    },
    "google_workspace_admins": {
      "type": "oidc",
--- a/gatekeeper/forms.py
+++ b/gatekeeper/forms.py
@@ -92,14 +92,13 @@ class AuthMethodForm(forms.ModelForm):
    class Meta:
        model = AuthMethod
        fields = [
-            'name', 'auth_type', 'totp_secret', 'totp_before_auth',
+            'name', 'auth_type', 'totp_secret',
            'oidc_provider', 'oidc_client_id', 'oidc_client_secret'
        ]
        labels = {
            'name': _('Name'),
            'auth_type': _('Authentication Type'),
            'totp_secret': _('Global TOTP Secret'),
            'totp_before_auth': _('Global TOTP Before Authentication'),
            'oidc_provider': _('OIDC Provider URL'),
            'oidc_client_id': _('OIDC Client ID'),
            'oidc_client_secret': _('OIDC Client Secret'),
@@ -122,7 +121,6 @@ class AuthMethodForm(forms.ModelForm):
            Div(
                Div('totp_secret', css_class='col-xl-6'),
                Div('totp_pin', css_class='col-xl-6'),
                Div('totp_before_auth', css_class='col-xl-12'),
                css_class='row totp-group'
            ),
            Div(
--- a/gatekeeper/migrations/0007_remove_authmethod_totp_before_auth_and_more.py
+++ b/gatekeeper/migrations/0007_remove_authmethod_totp_before_auth_and_more.py
@@ -0,0 +1,31 @@
 # Generated by Django 5.2.12 on 2026-03-15 19:28
 from django.db import migrations, models
 class Migration(migrations.Migration):
    dependencies = [
        ('gatekeeper', '0006_gatekeeperuser_password_hash'),
    ]
    operations = [
        migrations.RemoveField(
            model_name='authmethod',
            name='totp_before_auth',
        ),
        migrations.RemoveField(
            model_name='gatekeeperuser',
            name='password_hash',
        ),
        migrations.AlterField(
            model_name='gatekeeperuser',
            name='email',
            field=models.EmailField(blank=True, max_length=254, unique=True),
        ),
        migrations.AlterField(
            model_name='gatekeeperuser',
            name='password',
            field=models.CharField(blank=True, help_text='Password for local authentication (leave blank if not using)', max_length=250),
        ),
    ]
--- a/gatekeeper/models.py
+++ b/gatekeeper/models.py
@@ -15,7 +15,6 @@ class AuthMethod(models.Model):
    # TOTP-specific fields
    totp_secret = models.CharField(max_length=255, blank=True, help_text=_("Shared/global TOTP secret key"))
    totp_before_auth = models.BooleanField(default=False)
    # OIDC-specific fields
    oidc_provider = models.CharField(max_length=64, blank=True)
@@ -65,9 +64,8 @@ class AuthMethodAllowedEmail(models.Model):
 class GatekeeperUser(models.Model):
    username = models.SlugField(max_length=64, unique=True)
-    email = models.EmailField(unique=True)
+    email = models.EmailField(unique=True, blank=True)
-    password = models.CharField(blank=True, max_length=128, help_text=_("Password for local authentication (leave blank if not using)"))
+    password = models.CharField(blank=True, max_length=250, help_text=_("Password for local authentication (leave blank if not using)"))
    password_hash = models.CharField(blank=True, null=True, max_length=128)
    totp_secret = models.CharField(max_length=255, blank=True, help_text=_("Per-user TOTP secret key"))
    created = models.DateTimeField(auto_now_add=True)