stages/authenticator: add user field to devices

Signed-off-by: Jens Langhammer <[email protected]>
goauthentik · Jan 10, 2025 · 58e910c · 58e910c
1 parent 29f8a82
commit 58e910c
Show file tree

Hide file tree

Showing 7 changed files with 52 additions and 4 deletions.
diff --git a/authentik/stages/authenticator_duo/api.py b/authentik/stages/authenticator_duo/api.py
@@ -12,6 +12,7 @@
 from rest_framework.viewsets import GenericViewSet, ModelViewSet
 from structlog.stdlib import get_logger
 
+from authentik.core.api.groups import GroupMemberSerializer
 from authentik.core.api.used_by import UsedByMixin
 from authentik.core.api.utils import ModelSerializer
 from authentik.flows.api.stages import StageSerializer
@@ -165,9 +166,11 @@ def import_devices_automatic(self, request: Request, pk: str) -> Response:
 class DuoDeviceSerializer(ModelSerializer):
     """Serializer for Duo authenticator devices"""
 
+    user = GroupMemberSerializer(read_only=True)
+
     class Meta:
         model = DuoDevice
-        fields = ["pk", "name"]
+        fields = ["pk", "name", "user"]
         depth = 2
 
 

diff --git a/authentik/stages/authenticator_sms/api.py b/authentik/stages/authenticator_sms/api.py
@@ -3,6 +3,7 @@
 from rest_framework import mixins
 from rest_framework.viewsets import GenericViewSet, ModelViewSet
 
+from authentik.core.api.groups import GroupMemberSerializer
 from authentik.core.api.used_by import UsedByMixin
 from authentik.core.api.utils import ModelSerializer
 from authentik.flows.api.stages import StageSerializer
@@ -41,9 +42,11 @@ class AuthenticatorSMSStageViewSet(UsedByMixin, ModelViewSet):
 class SMSDeviceSerializer(ModelSerializer):
     """Serializer for sms authenticator devices"""
 
+    user = GroupMemberSerializer(read_only=True)
+
     class Meta:
         model = SMSDevice
-        fields = ["name", "pk", "phone_number"]
+        fields = ["name", "pk", "phone_number", "user"]
         depth = 2
         extra_kwargs = {
             "phone_number": {"read_only": True},

diff --git a/authentik/stages/authenticator_static/api.py b/authentik/stages/authenticator_static/api.py
@@ -51,7 +51,7 @@ class StaticDeviceSerializer(ModelSerializer):
 
     class Meta:
         model = StaticDevice
-        fields = ["name", "token_set", "pk"]
+        fields = ["name", "token_set", "pk", "user"]
 
 
 class StaticDeviceViewSet(

diff --git a/authentik/stages/authenticator_totp/api.py b/authentik/stages/authenticator_totp/api.py
@@ -4,6 +4,7 @@
 from rest_framework.fields import ChoiceField
 from rest_framework.viewsets import GenericViewSet, ModelViewSet
 
+from authentik.core.api.groups import GroupMemberSerializer
 from authentik.core.api.used_by import UsedByMixin
 from authentik.core.api.utils import ModelSerializer
 from authentik.flows.api.stages import StageSerializer
@@ -37,11 +38,14 @@ class AuthenticatorTOTPStageViewSet(UsedByMixin, ModelViewSet):
 class TOTPDeviceSerializer(ModelSerializer):
     """Serializer for totp authenticator devices"""
 
+    user = GroupMemberSerializer(read_only=True)
+
     class Meta:
         model = TOTPDevice
         fields = [
             "name",
             "pk",
+            "user",
         ]
         depth = 2
 

diff --git a/authentik/stages/authenticator_webauthn/api/devices.py b/authentik/stages/authenticator_webauthn/api/devices.py
@@ -3,6 +3,7 @@
 from rest_framework import mixins
 from rest_framework.viewsets import GenericViewSet, ModelViewSet
 
+from authentik.core.api.groups import GroupMemberSerializer
 from authentik.core.api.used_by import UsedByMixin
 from authentik.core.api.utils import ModelSerializer
 from authentik.stages.authenticator_webauthn.api.device_types import WebAuthnDeviceTypeSerializer
@@ -13,10 +14,11 @@ class WebAuthnDeviceSerializer(ModelSerializer):
     """Serializer for WebAuthn authenticator devices"""
 
     device_type = WebAuthnDeviceTypeSerializer(read_only=True, allow_null=True)
+    user = GroupMemberSerializer(read_only=True)
 
     class Meta:
         model = WebAuthnDevice
-        fields = ["pk", "name", "created_on", "device_type", "aaguid"]
+        fields = ["pk", "name", "created_on", "device_type", "aaguid", "user"]
         extra_kwargs = {
             "aaguid": {"read_only": True},
         }

diff --git a/blueprints/schema.json b/blueprints/schema.json
@@ -9289,6 +9289,11 @@
                     "minLength": 1,
                     "title": "Name",
                     "description": "The human-readable name of this device."
+                },
+                "user": {
+                    "type": "integer",
+                    "title": "User",
+                    "description": "The user that this device belongs to."
                 }
             },
             "required": []

diff --git a/schema.yml b/schema.yml
@@ -41226,9 +41226,14 @@ components:
           type: string
           description: The human-readable name of this device.
           maxLength: 64
+        user:
+          allOf:
+          - $ref: '#/components/schemas/GroupMember'
+          readOnly: true
       required:
       - name
       - pk
+      - user
     DuoDeviceEnrollmentStatus:
       type: object
       properties:
@@ -50980,6 +50985,9 @@ components:
           minLength: 1
           description: The human-readable name of this device.
           maxLength: 64
+        user:
+          type: integer
+          description: The user that this device belongs to.
     PatchedTOTPDeviceRequest:
       type: object
       description: Serializer for totp authenticator devices
@@ -54570,10 +54578,15 @@ components:
         phone_number:
           type: string
           readOnly: true
+        user:
+          allOf:
+          - $ref: '#/components/schemas/GroupMember'
+          readOnly: true
       required:
       - name
       - phone_number
       - pk
+      - user
     SMSDeviceRequest:
       type: object
       description: Serializer for sms authenticator devices
@@ -55275,10 +55288,14 @@ components:
           type: integer
           readOnly: true
           title: ID
+        user:
+          type: integer
+          description: The user that this device belongs to.
       required:
       - name
       - pk
       - token_set
+      - user
     StaticDeviceRequest:
       type: object
       description: Serializer for static authenticator devices
@@ -55288,8 +55305,12 @@ components:
           minLength: 1
           description: The human-readable name of this device.
           maxLength: 64
+        user:
+          type: integer
+          description: The user that this device belongs to.
       required:
       - name
+      - user
     StaticDeviceToken:
       type: object
       description: Serializer for static device's tokens
@@ -55507,9 +55528,14 @@ components:
           type: integer
           readOnly: true
           title: ID
+        user:
+          allOf:
+          - $ref: '#/components/schemas/GroupMember'
+          readOnly: true
       required:
       - name
       - pk
+      - user
     TOTPDeviceRequest:
       type: object
       description: Serializer for totp authenticator devices
@@ -56951,12 +56977,17 @@ components:
         aaguid:
           type: string
           readOnly: true
+        user:
+          allOf:
+          - $ref: '#/components/schemas/GroupMember'
+          readOnly: true
       required:
       - aaguid
       - created_on
       - device_type
       - name
       - pk
+      - user
     WebAuthnDeviceRequest:
       type: object
       description: Serializer for WebAuthn authenticator devices