205hlab-mirrors/authentik
2
0
Fork 0
mirror of https://github.com/goauthentik/authentik.git synced 2026-06-17 19:09:11 +03:00
Code Issues Packages Projects Releases Wiki Activity

stages/authenticator_validate: decrease reputation on failed MFA attempt (#19378)

Browse Source 
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
This commit is contained in:
Jens L.
2026-01-13 18:05:47 +01:00
committed by GitHub
parent 8f3c927ffb
commit 291b35c3db
1 changed files with 5 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
authentik/stages/authenticator_validate/stage.py
+5
View File
@@ -21,6 +21,7 @@ from authentik.flows.models import FlowDesignation, NotConfiguredAction, Stage
from authentik.flows.planner import PLAN_CONTEXT_PENDING_USER
from authentik.flows.stage import ChallengeStageView
from authentik.lib.utils.time import timedelta_from_string
from authentik.policies.reputation.signals import update_score
from authentik.stages.authenticator import devices_for_user
from authentik.stages.authenticator.models import Device
from authentik.stages.authenticator_email.models import EmailDevice
@@ -418,6 +419,10 @@ class AuthenticatorValidateStageView(ChallengeStageView):
)
return response
def challenge_invalid(self, response: AuthenticatorValidationChallengeResponse) -> HttpResponse:
update_score(self.request, self.get_pending_user().username, -1)
return super().challenge_invalid(response)
def challenge_valid(self, response: AuthenticatorValidationChallengeResponse) -> HttpResponse:
# All validation is done by the serializer
user = self.executor.plan.context.get(PLAN_CONTEXT_PENDING_USER)