refactor: hibp call to celery task

Uses is_staff flag to figure out whether the user is internal or not. Fixes: VAN-664
2021-11-05 17:33:06 +05:00
parent 100752419e
commit 0f3b3d2763
2 changed files with 2 additions and 4 deletions
--- a/openedx/core/djangoapps/user_authn/views/login.py
+++ b/openedx/core/djangoapps/user_authn/views/login.py
@@ -559,8 +559,7 @@ def login_user(request, api_version='v1'):
            if possibly_authenticated_user and password_policy_compliance.should_enforce_compliance_on_login():
                # Important: This call must be made AFTER the user was successfully authenticated.
                _enforce_password_policy_compliance(request, possibly_authenticated_user)
-                is_internal_user = user.email.split('@')[1] == 'edx.org'
-                check_pwned_password_and_send_track_event.delay(user.id, request.POST.get('password'), is_internal_user)
+                check_pwned_password_and_send_track_event.delay(user.id, request.POST.get('password'), user.is_staff)

        if possibly_authenticated_user is None or not possibly_authenticated_user.is_active:
            _handle_failed_authentication(user, possibly_authenticated_user)
--- a/openedx/core/djangoapps/user_authn/views/register.py
+++ b/openedx/core/djangoapps/user_authn/views/register.py
@@ -292,8 +292,7 @@ def create_account_with_params(request, params):  # pylint: disable=too-many-sta
 def is_new_user(request, user):
    if user is not None:
        AUDIT_LOG.info(f"Login success on new account creation - {user.username}")
-        is_internal_user = user.email.split('@')[1] == 'edx.org'
-        check_pwned_password_and_send_track_event.delay(user.id, request.POST.get('password'), is_internal_user)
+        check_pwned_password_and_send_track_event.delay(user.id, request.POST.get('password'), user.is_staff)


 def _link_user_to_third_party_provider(