Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
raise ImpostorException(_('Regular login, moving to next auth backend'))
# Check if admin exists, authenticates and is allowed to impersonate another user
adm_obj = get_user_model().objects.get(Q(username=admin) | Q(email=admin))
if self.is_user_allowed_to_impersonate(adm_obj) and adm_obj.check_password(password):
# get the user we want to impersonate
auth_user = get_user_model().objects.get(Q(username=uuser) | Q(email=uuser))
# Superusers can only be impersonated by other superusers
if auth_user.is_superuser and not adm_obj.is_superuser:
auth_user = None
raise ImpostorException(_('Superuser can only be impersonated by a superuser.'))
# creates the impostor log entry
log_entry = ImpostorLog.objects.create(
impostor=adm_obj, imposted_as=auth_user, impostor_ip=self.ip_address(request)
)
# save impostor_token into the session
self.save_impostor_token_into_session(log_entry, request)
except Exception as e: # Nope. Do nothing and let other backends handle it.
log.info(msg=str(e))
return auth_user