rename model to UserKey

This commit is contained in:
Tobias Bengfort
2021-06-17 11:02:20 +02:00
parent ba4e7f9a17
commit 68e257d60e
9 changed files with 52 additions and 35 deletions


@@ -12,7 +12,7 @@ from django.utils import timezone
from django.views.decorators.cache import never_cache
from .Common import send
from .models import User_Keys
from .models import UserKey
from .views import login
@@ -36,7 +36,7 @@ def start(request):
context = csrf(request)
if request.method == "POST":
if request.session["email_secret"] == request.POST["otp"]: # if successful
uk = User_Keys()
uk = UserKey()
uk.username = request.user.username
uk.key_type = "Email"
uk.enabled = 1
@@ -62,7 +62,7 @@ def auth(request):
context = csrf(request)
if request.method == "POST":
if request.session["email_secret"] == request.POST["otp"].strip():
uk = User_Keys.objects.get(
uk = UserKey.objects.get(
username=request.session["base_username"], key_type="Email"
)
mfa = {"verified": True, "method": "Email", "id": uk.id}


@@ -16,7 +16,7 @@ from fido2.server import Fido2Server, PublicKeyCredentialRpEntity
from fido2.utils import websafe_decode, websafe_encode
from .Common import get_redirect_url
from .models import User_Keys
from .models import UserKey
from .views import login, reset_cookie
@@ -65,7 +65,7 @@ def complete_reg(request):
request.session["fido_state"], client_data, att_obj
)
encoded = websafe_encode(auth_data.credential_data)
uk = User_Keys()
uk = UserKey()
uk.username = request.user.username
uk.properties = {
"device": encoded,
@@ -91,7 +91,7 @@ def start(request):
def getUserCredentials(username):
credentials = []
for uk in User_Keys.objects.filter(username=username, key_type="FIDO2"):
for uk in UserKey.objects.filter(username=username, key_type="FIDO2"):
credentials.append(
AttestedCredentialData(websafe_decode(uk.properties["device"]))
)
@@ -149,7 +149,7 @@ def authenticate_complete(request):
request.session["mfa"]["rechecked_at"] = time.time()
return JsonResponse({"status": "OK"})
else:
keys = User_Keys.objects.filter(
keys = UserKey.objects.filter(
username=username, key_type="FIDO2", enabled=1
)
for k in keys:


@@ -11,12 +11,12 @@ from django.utils import timezone
from jose import jwt
from .Common import send
from .models import User_Keys
from .models import UserKey
def id_generator(size=6, chars=string.ascii_uppercase + string.digits):
x = "".join(random.choice(chars) for _ in range(size))
if not User_Keys.objects.filter(properties__shas="$.key=" + x).exists():
if not UserKey.objects.filter(properties__shas="$.key=" + x).exists():
return x
else:
return id_generator(size, chars)
@@ -25,7 +25,7 @@ def id_generator(size=6, chars=string.ascii_uppercase + string.digits):
def getUserAgent(request):
id = id = request.session.get("td_id", None)
if id:
tk = User_Keys.objects.get(id=id)
tk = UserKey.objects.get(id=id)
if tk.properties.get("user_agent", "") != "":
ua = user_agents.parse(tk.properties["user_agent"])
res = render(None, "TrustedDevices/user-agent.html", context={"ua": ua})
@@ -34,7 +34,7 @@ def getUserAgent(request):
def trust_device(request):
tk = User_Keys.objects.get(id=request.session["td_id"])
tk = UserKey.objects.get(id=request.session["td_id"])
tk.properties["status"] = "trusted"
tk.save()
del request.session["td_id"]
@@ -46,7 +46,7 @@ def checkTrusted(request):
id = request.session.get("td_id", "")
if id != "":
try:
tk = User_Keys.objects.get(id=id)
tk = UserKey.objects.get(id=id)
if tk.properties["status"] == "trusted":
res = "OK"
except:
@@ -55,7 +55,7 @@ def checkTrusted(request):
def getCookie(request):
tk = User_Keys.objects.get(id=request.session["td_id"])
tk = UserKey.objects.get(id=request.session["td_id"])
if tk.properties["status"] == "trusted":
context = {"added": True}
@@ -76,7 +76,7 @@ def add(request):
key = request.POST["key"].replace("-", "").replace(" ", "").upper()
context["username"] = request.POST["username"]
context["key"] = request.POST["key"]
trusted_keys = User_Keys.objects.filter(
trusted_keys = UserKey.objects.filter(
username=request.POST["username"], properties__has="$.key=" + key
)
cookie = False
@@ -102,7 +102,7 @@ def add(request):
def start(request):
if (
User_Keys.objects.filter(
UserKey.objects.filter(
username=request.user.username, key_type="Trusted Device"
).count()
>= 2
@@ -110,7 +110,7 @@ def start(request):
return render(request, "TrustedDevices/start.html", {"not_allowed": True})
td = None
if not request.session.get("td_id", None):
td = User_Keys()
td = UserKey()
td.username = request.user.username
td.properties = {"key": id_generator(), "status": "adding"}
td.key_type = "Trusted Device"
@@ -118,7 +118,7 @@ def start(request):
request.session["td_id"] = td.id
try:
if td is None:
td = User_Keys.objects.get(id=request.session["td_id"])
td = UserKey.objects.get(id=request.session["td_id"])
context = {"key": td.properties["key"]}
except:
del request.session["td_id"]
@@ -145,7 +145,7 @@ def verify(request):
json = jwt.decode(request.COOKIES.get("deviceid"), settings.SECRET_KEY)
if json["username"].lower() == request.session["base_username"].lower():
try:
uk = User_Keys.objects.get(
uk = UserKey.objects.get(
username=request.POST["username"].lower(),
properties__has="$.key=" + json["key"],
)


@@ -20,7 +20,7 @@ from u2flib_server.u2f import (
)
from .Common import get_redirect_url
from .models import User_Keys
from .models import UserKey
from .views import login
@@ -63,7 +63,7 @@ def validate(request, username):
challenge = request.session.pop("_u2f_challenge_")
device, c, t = complete_authentication(challenge, data, [settings.U2F_APPID])
key = User_Keys.objects.get(
key = UserKey.objects.get(
username=username,
properties__shas="$.device.publicKey=%s" % device["publicKey"],
)
@@ -109,13 +109,13 @@ def bind(request):
device, cert = complete_registration(enroll, data, [settings.U2F_APPID])
cert = x509.load_der_x509_certificate(cert, default_backend())
cert_hash = hashlib.md5(cert.public_bytes(Encoding.PEM)).hexdigest()
q = User_Keys.objects.filter(key_type="U2F", properties__icontains=cert_hash)
q = UserKey.objects.filter(key_type="U2F", properties__icontains=cert_hash)
if q.exists():
return HttpResponse(
"This key is registered before, it can't be registered again."
)
User_Keys.objects.filter(username=request.user.username, key_type="U2F").delete()
uk = User_Keys()
UserKey.objects.filter(username=request.user.username, key_type="U2F").delete()
uk = UserKey()
uk.username = request.user.username
uk.owned_by_enterprise = getattr(settings, "MFA_OWNED_BY_ENTERPRISE", False)
uk.properties = {"device": simplejson.loads(device.json), "cert": cert_hash}
@@ -127,7 +127,7 @@ def bind(request):
def sign(username):
u2f_devices = [
d.properties["device"]
for d in User_Keys.objects.filter(username=username, key_type="U2F")
for d in UserKey.objects.filter(username=username, key_type="U2F")
]
challenge = begin_authentication(settings.U2F_APPID, u2f_devices)
return [challenge.json, simplejson.dumps(challenge.data_for_client)]


@@ -1,12 +1,12 @@
from django.http import JsonResponse
from . import FIDO2, U2F, TrustedDevice, totp
from .models import User_Keys
from .models import UserKey
from .views import verify
def has_mfa(request, username):
if User_Keys.objects.filter(username=username, enabled=1).count() > 0:
if UserKey.objects.filter(username=username, enabled=1).count() > 0:
return verify(request, username)
return False


@@ -0,0 +1,17 @@
# Generated by Django 3.2.4 on 2021-06-23 07:10
from django.db import migrations
class Migration(migrations.Migration):
dependencies = [
('mfa', '0011_auto_20210530_0622'),
]
operations = [
migrations.RenameModel(
old_name='User_Keys',
new_name='UserKey',
),
]
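Review bot: The RenameModel operation also renames the backing table (Django's default is app label plus lowercased model name, so mfa_user_keys becomes mfa_userkey) unless the model declares Meta.db_table, and the models.py hunk in this commit does not show one; any raw SQL, fixtures or external tooling keyed on the old table name would break once this migration runs. Consider adding a comment above the operation, `# Also renames the DB table mfa_user_keys -> mfa_userkey; update raw SQL/fixtures that reference the old name.`, or pinning db_table to the old name on the model if other consumers depend on it. The generated-on timestamp (2021-06-23) also post-dates the commit date shown in the header, which suggests the migration was regenerated after the rest of the change; worth confirming it matches the final model state.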


@@ -4,7 +4,7 @@ from jose import jwt
from jsonfield import JSONField
class User_Keys(models.Model):
class UserKey(models.Model):
username = models.CharField(max_length=50)
properties = JSONField(null=True)
added_on = models.DateTimeField(auto_now_add=True)


@@ -11,12 +11,12 @@ from django.utils import timezone
from django.views.decorators.cache import never_cache
from .Common import get_redirect_url
from .models import User_Keys
from .models import UserKey
from .views import login
def verify_login(request, username, token):
for key in User_Keys.objects.filter(username=username, key_type="TOTP"):
for key in UserKey.objects.filter(username=username, key_type="TOTP"):
totp = pyotp.TOTP(key.properties["secret_key"])
if totp.verify(token, valid_window=30):
key.last_used = timezone.now()
@@ -82,7 +82,7 @@ def verify(request):
secret_key = request.GET["key"]
totp = pyotp.TOTP(secret_key)
if totp.verify(answer, valid_window=60):
uk = User_Keys()
uk = UserKey()
uk.username = request.user.username
uk.properties = {"secret_key": secret_key}
uk.key_type = "TOTP"


@@ -8,14 +8,14 @@ from django.urls import reverse
from user_agents import parse
from . import TrustedDevice
from .models import User_Keys
from .models import UserKey
@login_required
def index(request):
keys = []
context = {
"keys": User_Keys.objects.filter(username=request.user.username),
"keys": UserKey.objects.filter(username=request.user.username),
"UNALLOWED_AUTHEN_METHODS": settings.MFA_UNALLOWED_METHODS,
"HIDE_DISABLE": getattr(settings, "MFA_HIDE_DISABLE", []),
}
@@ -31,7 +31,7 @@ def index(request):
def verify(request, username):
request.session["base_username"] = username
keys = User_Keys.objects.filter(username=username, enabled=1)
keys = UserKey.objects.filter(username=username, enabled=1)
methods = list(set([k.key_type for k in keys]))
if "Trusted Device" in methods and not request.session.get(
@@ -63,7 +63,7 @@ def login(request):
@login_required
def delKey(request):
key = User_Keys.objects.get(id=request.GET["id"])
key = UserKey.objects.get(id=request.GET["id"])
if key.username == request.user.username:
key.delete()
return HttpResponse("Deleted Successfully")
@@ -87,7 +87,7 @@ def __get_callable_function__(func_path):
@login_required
def toggleKey(request):
id = request.GET["id"]
q = User_Keys.objects.filter(username=request.user.username, id=id)
q = UserKey.objects.filter(username=request.user.username, id=id)
if q.count() == 1:
key = q[0]
if key.key_type not in settings.MFA_HIDE_DISABLE: