diff --git a/example/example/auth.py b/example/example/auth.py index 3dc9b2f..63172cf 100644 --- a/example/example/auth.py +++ b/example/example/auth.py @@ -1,8 +1,9 @@ -from django.shortcuts import render -from django.http import HttpResponseRedirect -from django.urls import reverse from django.contrib.auth import authenticate, login, logout from django.contrib.auth.models import User +from django.http import HttpResponseRedirect +from django.shortcuts import render +from django.urls import reverse + from mfa.helpers import has_mfa diff --git a/example/example/urls.py b/example/example/urls.py index d8ce223..ba1418e 100644 --- a/example/example/urls.py +++ b/example/example/urls.py @@ -14,8 +14,9 @@ Including another URLconf 2. Add a URL to urlpatterns: path('blog/', include('blog.urls')) """ from django.contrib import admin -from django.urls import path, re_path, include -from . import views, auth +from django.urls import include, path, re_path + +from . import auth, views urlpatterns = [ path("admin/", admin.site.urls), diff --git a/mfa/Email.py b/mfa/Email.py index 5b7055f..7d52f6c 100644 --- a/mfa/Email.py +++ b/mfa/Email.py @@ -1,21 +1,22 @@ +import datetime +import random +from random import randint + from django.contrib.auth import get_user_model from django.http import HttpResponseRedirect from django.shortcuts import render -from django.views.decorators.cache import never_cache from django.template.context_processors import csrf from django.utils import timezone +from django.views.decorators.cache import never_cache try: from django.core.urlresolvers import reverse except: from django.urls import reverse -import datetime, random -from random import randint -from .models import * - -from .views import login from .Common import send +from .models import * +from .views import login def sendEmail(request, username, secret): diff --git a/mfa/FIDO2.py b/mfa/FIDO2.py index 2ece302..fa0fe1e 100644 --- a/mfa/FIDO2.py +++ b/mfa/FIDO2.py @@ -1,25 +1,24 @@ +import datetime import random import time import traceback -from fido2.client import ClientData -from fido2.server import Fido2Server, PublicKeyCredentialRpEntity -from fido2.ctap2 import AttestationObject, AuthenticatorData -from django.template.context_processors import csrf -from django.views.decorators.csrf import csrf_exempt -from django.shortcuts import render - import simplejson -from fido2 import cbor -from django.http import HttpResponse from django.conf import settings -from .models import * -from fido2.utils import websafe_decode, websafe_encode -from fido2.ctap2 import AttestedCredentialData -from .views import login, reset_cookie -import datetime -from .Common import get_redirect_url +from django.http import HttpResponse +from django.shortcuts import render +from django.template.context_processors import csrf from django.utils import timezone +from django.views.decorators.csrf import csrf_exempt +from fido2 import cbor +from fido2.client import ClientData +from fido2.ctap2 import AttestationObject, AttestedCredentialData, AuthenticatorData +from fido2.server import Fido2Server, PublicKeyCredentialRpEntity +from fido2.utils import websafe_decode, websafe_encode + +from .Common import get_redirect_url +from .models import * +from .views import login, reset_cookie def recheck(request): diff --git a/mfa/TrustedDevice.py b/mfa/TrustedDevice.py index 85d3af4..9e225cd 100644 --- a/mfa/TrustedDevice.py +++ b/mfa/TrustedDevice.py @@ -1,16 +1,17 @@ -import string import random +import string from datetime import datetime, timedelta -from django.shortcuts import render + +import user_agents from django.http import HttpResponse +from django.shortcuts import render from django.template.context import RequestContext from django.template.context_processors import csrf -from .models import * -import user_agents from django.utils import timezone from jose import jwt from .Common import send +from .models import * def id_generator(size=6, chars=string.ascii_uppercase + string.digits): diff --git a/mfa/U2F.py b/mfa/U2F.py index 0c78c91..4bc2b02 100644 --- a/mfa/U2F.py +++ b/mfa/U2F.py @@ -1,26 +1,26 @@ -import datetime, random +import datetime import hashlib +import random import time -from u2flib_server.u2f import ( - begin_registration, - begin_authentication, - complete_registration, - complete_authentication, -) +import simplejson from cryptography import x509 from cryptography.hazmat.backends import default_backend from cryptography.hazmat.primitives.serialization import Encoding -from django.shortcuts import render -import simplejson - -from django.template.context_processors import csrf from django.conf import settings from django.http import HttpResponse +from django.shortcuts import render +from django.template.context_processors import csrf +from django.utils import timezone +from u2flib_server.u2f import ( + begin_authentication, + begin_registration, + complete_authentication, + complete_registration, +) + from .models import * from .views import login -import datetime -from django.utils import timezone def recheck(request): diff --git a/mfa/helpers.py b/mfa/helpers.py index e22e573..9c0f2b8 100644 --- a/mfa/helpers.py +++ b/mfa/helpers.py @@ -1,9 +1,10 @@ import pyotp -from .models import * -from . import TrustedDevice, U2F, FIDO2, totp import simplejson from django.shortcuts import HttpResponse -from mfa.views import verify, goto + +from . import FIDO2, U2F, TrustedDevice, totp +from .models import * +from .views import goto, verify def has_mfa(request, username): diff --git a/mfa/middleware.py b/mfa/middleware.py index 4acc51f..d61e956 100644 --- a/mfa/middleware.py +++ b/mfa/middleware.py @@ -1,7 +1,8 @@ import time -from django.http import HttpResponseRedirect -from django.core.urlresolvers import reverse + from django.conf import settings +from django.core.urlresolvers import reverse +from django.http import HttpResponseRedirect def process(request): diff --git a/mfa/models.py b/mfa/models.py index 14b7c14..ccc8ffc 100644 --- a/mfa/models.py +++ b/mfa/models.py @@ -1,7 +1,7 @@ -from django.db import models -from jsonfield import JSONField -from jose import jwt from django.conf import settings +from django.db import models +from jose import jwt +from jsonfield import JSONField class User_Keys(models.Model): diff --git a/mfa/totp.py b/mfa/totp.py index fccb61f..6400d7e 100644 --- a/mfa/totp.py +++ b/mfa/totp.py @@ -1,18 +1,19 @@ +import datetime +import random import time -from django.shortcuts import render -from django.views.decorators.cache import never_cache -from django.http import HttpResponse -from .models import * -from django.template.context_processors import csrf -import simplejson -from django.template.context import RequestContext -from django.conf import settings import pyotp -from .views import login -import datetime +import simplejson +from django.conf import settings +from django.http import HttpResponse +from django.shortcuts import render +from django.template.context import RequestContext +from django.template.context_processors import csrf from django.utils import timezone -import random +from django.views.decorators.cache import never_cache + +from .models import * +from .views import login def verify_login(request, username, token): diff --git a/mfa/urls.py b/mfa/urls.py index 3c888e2..5bdf1ae 100644 --- a/mfa/urls.py +++ b/mfa/urls.py @@ -1,10 +1,10 @@ -from . import views, totp, U2F, TrustedDevice, helpers, FIDO2, Email - try: from django.urls import re_path as url except: from django.conf.urls import url +from . import FIDO2, U2F, Email, TrustedDevice, helpers, totp, views + urlpatterns = [ url(r"totp/start/", totp.start, name="start_new_otop"), url(r"totp/getToken", totp.getToken, name="get_new_otop"), diff --git a/mfa/views.py b/mfa/views.py index ea829cd..7394a6e 100644 --- a/mfa/views.py +++ b/mfa/views.py @@ -2,20 +2,20 @@ import importlib from django.conf import settings from django.contrib import auth -from django.shortcuts import render +from django.contrib.auth.decorators import login_required from django.http import HttpResponse, HttpResponseRedirect -from .models import * +from django.shortcuts import render +from django.template.context import RequestContext +from django.template.context_processors import csrf +from user_agents import parse try: from django.urls import reverse except: from django.core.urlresolvers import reverse -from django.template.context_processors import csrf -from django.template.context import RequestContext -from django.conf import settings + from . import TrustedDevice -from django.contrib.auth.decorators import login_required -from user_agents import parse +from .models import * @login_required