Better Error handling

mfa/FIDO2.py

@@ -58,9 +58,11 @@ def complete_reg(request):
         uk.save()
         return HttpResponse(simplejson.dumps({'status': 'OK'}))
     except Exception as exp:
+        try:
             from raven.contrib.django.raven_compat.models import client
-        import traceback
             client.captureException()
+        except:
+            pass
         return HttpResponse(simplejson.dumps({'status': 'ERR',"message":"Error on server, please try again later"}))
 def start(request):
     context = csrf(request)
@@ -94,7 +96,7 @@ def authenticate_complete(request):
     client_data = ClientData(data['clientDataJSON'])
     auth_data = AuthenticatorData(data['authenticatorData'])
     signature = data['signature']
-
+    try:
         cred = server.authenticate_complete(
             request.session.pop('fido_state'),
             credentials,
@@ -103,6 +105,18 @@ def authenticate_complete(request):
             auth_data,
             signature
         )
+    except ValueError:
+        return HttpResponse(simplejson.dumps({'status': "ERR", "message": "Wrong challenge received, make sure that this is your security and try again."}),
+                            content_type = "application/json")
+    except Exception as excep:
+        try:
+            from raven.contrib.django.raven_compat.models import client
+            client.captureException()
+        except:
+            pass
+        return HttpResponse(simplejson.dumps({'status': "ERR",
+                                              "message": "Err: " + excep.message}),
+                            content_type = "application/json")
 
     if request.session.get("mfa_recheck",False):
         import time
@@ -123,4 +137,4 @@ def authenticate_complete(request):
                 request.session["mfa"] = mfa
                 res=login(request)
                 return HttpResponse(simplejson.dumps({'status':"OK","redirect":res["location"]}),content_type="application/json")
-    return HttpResponse(simplejson.dumps({'status': "err"}),content_type="application/json")
+    return HttpResponse(simplejson.dumps({'status': "ERR","message":"Unknown error happened"}),content_type="application/json")

mfa/templates/FIDO2/Auth.html

@@ -1,6 +1,4 @@
 {% extends "mfa_auth_base.html" %}
 {% block content %}
-    <br/>
-<br/>
 {% include 'FIDO2/recheck.html' with mode='auth' %}
 {% endblock %}

mfa/templates/FIDO2/recheck.html

@@ -18,6 +18,7 @@
 
             {% endif %}
                 <p style="color: green">please press the button on your security key to prove it is you.</p>
+                <div id="msgdiv"></div>
                 {% if mode == "auth" %}
                     <form id="u2f_login" action="{% url 'fido2_complete_auth' %}" method="post" enctype="multipart/form-data">
                 {% elif mode == "recheck" %}
@@ -71,6 +72,8 @@
       }).then(function (response) {if (response.ok) return res = response.json()}).then(function (res) {
           if (res.status=="OK")
           {
+              $("#msgdiv").addClass("alert alert-success").removeClass("alert-danger")
+             $("#msgdiv").html("Verified....please wait")
           {%  if mode == "auth" %}
           window.location.href=res.redirect;
           {% elif mode == "recheck" %}
@@ -78,10 +81,13 @@
           {% endif %}
           }
           else {
+              $("#msgdiv").addClass("alert alert-danger").removeClass("alert-success")
+                $("#res").html("<div class='alert alert-danger'>Verification Failed as " + res["message"] + ", <a href='javascript:void(0)' onclick='authen())'> try again or <a href='javascript:void(0)' onclick='history.back()'> Go Back</a></div>")
+
               {%  if mode == "auth" %}
-                alert("Error occured, please try again")
-                login()
+
               {% elif mode == "recheck" %}
+
                 mfa_failed_function();
               {% endif %}
           }