Removed Dependability of JSONLookup

example/example/settings.py

@@ -141,7 +141,7 @@ MFA_RECHECK=True           # Allow random rechecking of the user
 MFA_RECHECK_MIN=10         # Minimum interval in seconds
 MFA_RECHECK_MAX=30         # Maximum in seconds
 MFA_QUICKLOGIN=True        # Allow quick login for returning users by provide only their 2FA
-MFA_HIDE_DISABLE=('FIDO2',)     # Can the user disable his key (Added in 1.2.0).
+MFA_HIDE_DISABLE=()     # Can the user disable his key (Added in 1.2.0).
 
 TOKEN_ISSUER_NAME="PROJECT_NAME"      #TOTP Issuer name
 

example/example/urls.py

@@ -16,9 +16,11 @@ Including another URLconf
 from django.contrib import admin
 from django.urls import path,re_path,include
 from . import views,auth
+import mfa
 urlpatterns = [
     path('admin/', admin.site.urls),
     path('mfa/', include('mfa.urls')),
+    path('devices/add', mfa.TrustedDevice.add,name="mfa_add_new_trusted_device"),
     path('auth/login',auth.loginView,name="login"),
     path('auth/logout',auth.logoutView,name="logout"),
 

mfa/TrustedDevice.py

@@ -2,7 +2,6 @@ import string
 import random
 from django.shortcuts import render
 from django.http import HttpResponse
-from django.template.context import RequestContext
 from django.template.context_processors import csrf
 from .models import *
 import user_agents
@@ -10,7 +9,7 @@ from django.utils import timezone
 
 def id_generator(size=6, chars=string.ascii_uppercase + string.digits):
     x=''.join(random.choice(chars) for _ in range(size))
-    if not User_Keys.objects.filter(properties__shas="$.key="+x).exists(): return x
+    if not User_Keys.objects.filter(properties__icontains=x, key_type="Trusted Device").exists(): return x
     else: return id_generator(size,chars)
 
 def getUserAgent(request):
@@ -19,6 +18,7 @@ def getUserAgent(request):
         tk=User_Keys.objects.get(id=id)
         if tk.properties.get("user_agent","")!="":
             ua = user_agents.parse(tk.properties["user_agent"])
+            print(ua.os)
             res = render(None, "TrustedDevices/user-agent.html", context={"ua":ua})
             return HttpResponse(res)
     return HttpResponse("")
@@ -69,6 +69,7 @@ def add(request):
             request.session["td_id"]=tk.id
             ua=request.META['HTTP_USER_AGENT']
             agent=user_agents.parse(ua)
+            print(agent.os)
             if agent.is_pc:
                 context["invalid"]="This is a PC, it can't used as a trusted device."
             else:
@@ -124,7 +125,7 @@ def verify(request):
         json= jwt.decode(request.COOKIES.get('deviceid'),settings.SECRET_KEY)
         if json["username"].lower()== request.session['base_username'].lower():
             try:
-                uk = User_Keys.objects.get(username=request.POST["username"].lower(), properties__has="$.key=" + json["key"])
+                uk = User_Keys.objects.get(username=request.POST["username"].lower(), properties__properties__iregex=rf'{json["key"]}')
                 if uk.enabled and uk.properties["status"] == "trusted":
                     uk.last_used=timezone.now()
                     uk.save()

mfa/U2F.py

@@ -52,7 +52,7 @@ def validate(request,username):
     challenge = request.session.pop('_u2f_challenge_')
     device, c, t = complete_authentication(challenge, data, [settings.U2F_APPID])
 
-    key = User_Keys.objects.get(username=username, properties__iregex=rf'{device["publicKey"]}')
+    key = User_Keys.objects.get(username=username,key_type = "U2F", properties__iregex=rf'{device["publicKey"]}')
     key.last_used=timezone.now()
     key.save()
     mfa = {"verified": True, "method": "U2F","id":key.id}
@@ -69,7 +69,7 @@ def auth(request):
     request.session["_u2f_challenge_"]=s[0]
     context["token"]=s[1]
 
-    return render(request,"U2F/Auth.html")
+    return render(request,"U2F/Auth.html",context)
 
 def start(request):
     enroll = begin_registration(settings.U2F_APPID, [])

mfa/models.py

@@ -2,9 +2,6 @@ from django.db import models
 from jsonfield import JSONField
 from jose import jwt
 from django.conf import settings
-from jsonLookup import shasLookup, hasLookup
-JSONField.register_lookup(shasLookup)
-JSONField.register_lookup(hasLookup)
 
 
 class User_Keys(models.Model):

mfa/urls.py

@@ -1,10 +1,11 @@
 from . import views,totp,U2F,TrustedDevice,helpers,FIDO2,Email
-#app_name='mfa'
+
 
 try:
     from django.urls import  re_path as url
 except:
      from django.conf.urls import  url
+
 urlpatterns = [
     url(r'totp/start/', totp.start , name="start_new_otop"),
     url(r'totp/getToken', totp.getToken , name="get_new_otop"),
@@ -39,6 +40,7 @@ urlpatterns = [
     url(r'u2f/secure_device', TrustedDevice.getCookie, name="td_securedevice"),
 
     url(r'^$', views.index, name="mfa_home"),
+    url(r'devices/add$', TrustedDevice.add,name="mfa_add_new_trusted_device"),
     url(r'goto/(.*)', views.goto, name="mfa_goto"),
     url(r'selct_method', views.show_methods, name="mfa_methods_list"),
     url(r'recheck', helpers.recheck, name="mfa_recheck"),

setup.py

@@ -4,7 +4,7 @@ from setuptools import find_packages, setup
 
 setup(
     name='django-mfa2',
-    version='2.1.2',
+    version='2.2.0b1',
     description='Allows user to add 2FA to their accounts',
     long_description=open("README.md").read(),
     long_description_content_type="text/markdown",
@@ -25,13 +25,14 @@ setup(
         'user-agents',
         'python-jose',
         'fido2 == 0.9.1',
-        'jsonLookup'
+     #   'jsonLookup'
       ],
     python_requires=">=3.5",
     include_package_data=True,
     zip_safe=False, # because we're including static files
     classifiers=[
-        "Development Status :: 5 - Production/Stable",
+        "Development Status :: 4 - Beta",
+        #"Development Status :: 5 - Production/Stable",
         "Environment :: Web Environment",
         "Framework :: Django",
         "Framework :: Django :: 1.11",