diff --git a/app/auth/models.py b/app/auth/models.py
index dd3b649b486df79e787541bf3f4167ac9a27bb02..6749150d97624c69634128b352b4fdffefbbc1fd 100644
--- a/app/auth/models.py
+++ b/app/auth/models.py
@@ -180,7 +180,7 @@ class User(UserMixin, ScoDocModel):
def set_password(self, password):
"Set password"
- current_app.logger.info(f"set_password({self})")
+ log(f"set_password({self})")
if password:
self.password_hash = generate_password_hash(password)
else:
@@ -213,10 +213,21 @@ class User(UserMixin, ScoDocModel):
# if CAS activated and cas_id, allow only super-user and users with cas_allow_scodoc_login
cas_enabled = ScoDocSiteConfig.is_cas_enabled()
- if cas_enabled:
- if ScoDocSiteConfig.get("cas_force") and not self.is_administrator():
- return False # si CAS forcé, n'accepte que super-admin
- if self.cas_id and not self.cas_allow_scodoc_login:
+ if cas_enabled and not self.is_administrator():
+ if not self.cas_allow_scodoc_login:
+ # CAS activé et compte non autorisé à se logguer sur ScoDoc
+ log(
+ f"""auth: login attempt for user {self.user_name}: scodoc login not allowed
+ """
+ )
+ return False
+ # si CAS activé et forcé et cas_id renseigné, on ne peut pas se logguer
+ if self.cas_id and ScoDocSiteConfig.get("cas_force"):
+ log(
+ f"""auth: login attempt for user {self.user_name
+ } (cas_id='{
+ self.cas_id}'): cas forced and cas_id set: scodoc login not allowed"""
+ )
return False
if not self.password_hash: # user without password can't login
diff --git a/sco_version.py b/sco_version.py
index 768513011cbba9e4f35787f0c6fcd6b5f4a57cc5..8e43f1a7e7c73c76235632674f96d97053318668 100644
--- a/sco_version.py
+++ b/sco_version.py
@@ -3,7 +3,7 @@
"Infos sur version ScoDoc"
-SCOVERSION = "9.7.41"
+SCOVERSION = "9.7.42"
SCONAME = "ScoDoc"