diff --git a/authentik/core/api/users.py b/authentik/core/api/users.py index c03e4a9b1..ee1bbcdbb 100644 --- a/authentik/core/api/users.py +++ b/authentik/core/api/users.py @@ -8,6 +8,7 @@ from django.db.transaction import atomic from django.db.utils import IntegrityError from django.urls import reverse_lazy from django.utils.http import urlencode +from django.utils.text import slugify from django.utils.timezone import now from django.utils.translation import gettext as _ from django_filters.filters import BooleanFilter, CharFilter, ModelMultipleChoiceFilter @@ -273,7 +274,7 @@ class UserViewSet(UsedByMixin, ModelViewSet): ) group.users.add(user) token = Token.objects.create( - identifier=f"service-account-{username}-password", + identifier=slugify(f"service-account-{username}-password"), intent=TokenIntents.INTENT_APP_PASSWORD, user=user, expires=now() + timedelta(days=360), diff --git a/authentik/recovery/management/commands/create_recovery_key.py b/authentik/recovery/management/commands/create_recovery_key.py index 63736a9e3..34b690afb 100644 --- a/authentik/recovery/management/commands/create_recovery_key.py +++ b/authentik/recovery/management/commands/create_recovery_key.py @@ -4,6 +4,7 @@ from getpass import getuser from django.core.management.base import BaseCommand from django.urls import reverse +from django.utils.text import slugify from django.utils.timezone import now from django.utils.translation import gettext as _ from structlog.stdlib import get_logger @@ -42,7 +43,7 @@ class Command(BaseCommand): user=user, intent=TokenIntents.INTENT_RECOVERY, description=f"Recovery Token generated by {getuser()} on {_now}", - identifier=f"ak-recovery-{user}-{_now}", + identifier=slugify(f"ak-recovery-{user}-{_now}"), ) self.stdout.write( (f"Store this link safely, as it will allow" f" anyone to access authentik as {user}.")