diff --git a/mfa/FIDO2.py b/mfa/FIDO2.py
index 21c9dbe..5ec6872 100644
--- a/mfa/FIDO2.py
+++ b/mfa/FIDO2.py
@@ -58,9 +58,11 @@ def complete_reg(request):
 uk.save()
 return HttpResponse(simplejson.dumps({'status': 'OK'}))
 except Exception as exp:
- from raven.contrib.django.raven_compat.models import client
- import traceback
- client.captureException()
+ try:
+ from raven.contrib.django.raven_compat.models import client
+ client.captureException()
+ except:
+ pass
 return HttpResponse(simplejson.dumps({'status': 'ERR',"message":"Error on server, please try again later"}))
 def start(request):
 context = csrf(request)
@@ -94,15 +96,27 @@ def authenticate_complete(request):
 client_data = ClientData(data['clientDataJSON'])
 auth_data = AuthenticatorData(data['authenticatorData'])
 signature = data['signature']
-
- cred = server.authenticate_complete(
- request.session.pop('fido_state'),
- credentials,
- credential_id,
- client_data,
- auth_data,
- signature
- )
+ try:
+ cred = server.authenticate_complete(
+ request.session.pop('fido_state'),
+ credentials,
+ credential_id,
+ client_data,
+ auth_data,
+ signature
+ )
+ except ValueError:
+ return HttpResponse(simplejson.dumps({'status': "ERR", "message": "Wrong challenge received, make sure that this is your security and try again."}),
+ content_type = "application/json")
+ except Exception as excep:
+ try:
+ from raven.contrib.django.raven_compat.models import client
+ client.captureException()
+ except:
+ pass
+ return HttpResponse(simplejson.dumps({'status': "ERR",
+ "message": "Err: " + excep.message}),
+ content_type = "application/json")
 if request.session.get("mfa_recheck",False):
 import time
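Review bot: The `except: pass` added around the raven import in complete_reg is a bare except that discards everything, so when raven is not installed or `captureException()` fails, the original registration error `exp` is recorded nowhere and a failed security-key enrolment leaves no trace for operators. Replace it with `except Exception:` followed by a standard-library fallback such as `logging.getLogger(__name__).exception("FIDO2 registration failed")`, so the failure stays auditable without raven. The same try/import/except/pass block is repeated in the authenticate_complete hunk and would be better as one small shared helper. complete_reg starts above this hunk, so whether `logging` is already imported is not visible here.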
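Review bot: The generic handler added in authenticate_complete returns `"Err: " + excep.message` to a caller who has not yet passed the second factor, which exposes internal exception text; on Python 3 exceptions have no `.message` attribute, so that line would itself raise inside the handler. The recheck.html change in this same diff writes `res["message"]` into the page with `.html()`, so whatever the exception text contains is parsed as markup by the browser. Return a fixed string instead, for example `"message": "Authentication failed, please try again."`, and keep the detail in the server-side log. The `except ValueError` branch records nothing either, so repeated failed assertions would be invisible to monitoring; a warning-level log line there would help, and note that the function begins and continues outside this hunk.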
@@ -123,4 +137,4 @@ def authenticate_complete(request):
 request.session["mfa"] = mfa
 res=login(request)
 return HttpResponse(simplejson.dumps({'status':"OK","redirect":res["location"]}),content_type="application/json")
- return HttpResponse(simplejson.dumps({'status': "err"}),content_type="application/json")
+ return HttpResponse(simplejson.dumps({'status': "ERR","message":"Unknown error happened"}),content_type="application/json")
diff --git a/mfa/templates/FIDO2/Auth.html b/mfa/templates/FIDO2/Auth.html
index 53ad25c..8e7d30c 100644
--- a/mfa/templates/FIDO2/Auth.html
+++ b/mfa/templates/FIDO2/Auth.html
@@ -1,6 +1,4 @@
 {% extends "mfa_auth_base.html" %}
 {% block content %}
-
-
{% include 'FIDO2/recheck.html' with mode='auth' %} {% endblock %} \ No newline at end of file diff --git a/mfa/templates/FIDO2/recheck.html b/mfa/templates/FIDO2/recheck.html index 00cc783..872efbd 100644 --- a/mfa/templates/FIDO2/recheck.html +++ b/mfa/templates/FIDO2/recheck.html @@ -18,6 +18,7 @@ {% endif %}

please press the button on your security key to prove it is you.

+
{% if mode == "auth" %}
{% elif mode == "recheck" %} @@ -71,17 +72,22 @@ }).then(function (response) {if (response.ok) return res = response.json()}).then(function (res) { if (res.status=="OK") { + $("#msgdiv").addClass("alert alert-success").removeClass("alert-danger") + $("#msgdiv").html("Verified....please wait") {% if mode == "auth" %} window.location.href=res.redirect; {% elif mode == "recheck" %} - mfa_success_function(); + mfa_success_function(); {% endif %} } else { + $("#msgdiv").addClass("alert alert-danger").removeClass("alert-success") + $("#res").html("
Verification Failed as " + res["message"] + ", try again or Go Back
") + {% if mode == "auth" %} - alert("Error occured, please try again") - login() + {% elif mode == "recheck" %} + mfa_failed_function(); {% endif %} }