Allowing setting the redirect url and text

Mohamed El-Kalioby
2021-05-28 16:38:27 +03:00
parent ef8287666c
commit 958775418d
20 changed files with 70 additions and 35 deletions

@@ -1,5 +1,9 @@
from django.conf import settings
from django.core.mail import EmailMessage
try:
from django.urls import reverse
except:
from django.core.urlresolver import reverse
def send(to,subject,body):
from_email_address = settings.EMAIL_HOST_USER
@@ -8,4 +12,8 @@ def send(to,subject,body):
From = "%s <%s>" % (settings.EMAIL_FROM, from_email_address)
email = EmailMessage(subject,body,From,to)
email.content_subtype = "html"
return email.send(False)
return email.send(False)
def get_redirect_url():
return {"redirect_html": reverse(getattr(settings, 'MFA_REDIRECT_AFTER_REGISTRATION', 'mfa_home')),
"reg_success_msg":getattr(settings,"MFA_SUCCESS_REGISTRATION_MSG")}
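Review bot: `getattr(settings,"MFA_SUCCESS_REGISTRATION_MSG")` in `get_redirect_url()` has no default, so a deployment that upgrades without defining the setting gets an AttributeError in every view that calls this helper (the FIDO2, U2F and TOTP `start` views on this page), which takes second-factor enrolment offline. Give it a fallback matching the previous link text, `getattr(settings, "MFA_SUCCESS_REGISTRATION_MSG", "Go to Security Home")`, as is already done for `MFA_REDIRECT_AFTER_REGISTRATION`. In the first hunk the fallback import names `django.core.urlresolver`, while the module is `django.core.urlresolvers`, so the fallback can never succeed. The bare `except:` there would be better as `except ImportError:`.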

@@ -7,7 +7,9 @@ from .models import *
#from django.template.context import RequestContext
from .views import login
from .Common import send
def sendEmail(request,username,secret):
"""Send Email to the user after rendering `mfa_email_token_template`"""
from django.contrib.auth import get_user_model
User = get_user_model()
key = getattr(User, 'USERNAME_FIELD', 'username')
@@ -18,9 +20,10 @@ def sendEmail(request,username,secret):
@never_cache
def start(request):
"""Start adding email as a 2nd factor"""
context = csrf(request)
if request.method == "POST":
if request.session["email_secret"] == request.POST["otp"]:
if request.session["email_secret"] == request.POST["otp"]: #if successful
uk=User_Keys()
uk.username=request.user.username
uk.key_type="Email"
@@ -31,15 +34,16 @@ def start(request):
from django.core.urlresolvers import reverse
except:
from django.urls import reverse
return HttpResponseRedirect(reverse('mfa_home'))
return HttpResponseRedirect(reverse(getattr(settings,'MFA_REDIRECT_AFTER_REGISTRATION','mfa_home')))
context["invalid"] = True
else:
request.session["email_secret"] = str(randint(0,100000))
request.session["email_secret"] = str(randint(0,100000)) #generate a random integer
if sendEmail(request, request.user.username, request.session["email_secret"]):
context["sent"] = True
return render(request,"Email/Add.html", context)
@never_cache
def auth(request):
"""Authenticating the user by email."""
context=csrf(request)
if request.method=="POST":
if request.session["email_secret"]==request.POST["otp"].strip():
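Review bot: The e-mail code on the line now commented `#generate a random integer` is still `str(randint(0,100000))`, which is weak for an authentication secret: assuming `randint` comes from the `random` module (the import is outside the hunk), it is not a cryptographic generator, and the range yields codes of one to six digits. Prefer a CSPRNG and a fixed width, e.g. `request.session["email_secret"] = "%06d" % secrets.randbelow(10**6)` with `import secrets` at the top of the file. The check in `start` compares with `==` on the raw POST value and without `.strip()`, unlike `auth` below; `hmac.compare_digest` on the two strings would make both paths consistent and constant-time. No attempt limit is visible in these hunks, so the code should also be discarded after a few wrong tries. `auth` continues past the end of the hunk.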

@@ -14,10 +14,12 @@ from fido2.utils import websafe_decode, websafe_encode
from fido2.ctap2 import AttestedCredentialData
from .views import login, reset_cookie
import datetime
from .Common import get_redirect_url
from django.utils import timezone
def recheck(request):
"""Starts FIDO2 recheck"""
context = csrf(request)
context["mode"] = "recheck"
request.session["mfa_recheck"] = True
@@ -25,11 +27,13 @@ def recheck(request):
def getServer():
"""Get Server Info from settings and returns a Fido2Server"""
rp = PublicKeyCredentialRpEntity(settings.FIDO_SERVER_ID, settings.FIDO_SERVER_NAME)
return Fido2Server(rp)
def begin_registeration(request):
"""Starts registering a new FIDO Device, called from API"""
server = getServer()
registration_data, state = server.register_begin({
u'id': request.user.username.encode("utf8"),
@@ -43,6 +47,7 @@ def begin_registeration(request):
@csrf_exempt
def complete_reg(request):
"""Completes the registeration, called by API"""
try:
data = cbor.decode(request.body)
@@ -72,7 +77,9 @@ def complete_reg(request):
def start(request):
"""Start Registeration a new FIDO Token"""
context = csrf(request)
context.update(get_redirect_url())
return render(request, "FIDO2/Add.html", context)

@@ -76,6 +76,7 @@ def start(request):
request.session['_u2f_enroll_'] = enroll.json
context=csrf(request)
context["token"]=simplejson.dumps(enroll.data_for_client)
context.update(get_redirect_url())
return render(request,"U2F/Add.html",context)
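Review bot: `get_redirect_url()` is called at the end of `start`, but this section shows no hunk adding `from .Common import get_redirect_url` to the file, whereas the FIDO2 section adds that import explicitly. Unless the name is already in scope above the visible lines, the enrolment view raises NameError on the first request. The same applies to the TOTP `start` view in the last section, which passes `get_redirect_url()` straight to `render`. `start` begins outside this hunk.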

@@ -1 +1 @@
__version__="2.1.2"
__version__="2.2.0b1"

@@ -2,9 +2,9 @@ from django.db import models
from jsonfield import JSONField
from jose import jwt
from django.conf import settings
from jsonLookup import shasLookup, hasLookup
JSONField.register_lookup(shasLookup)
JSONField.register_lookup(hasLookup)
#from jsonLookup import shasLookup, hasLookup
# JSONField.register_lookup(shasLookup)
# JSONField.register_lookup(hasLookup)
class User_Keys(models.Model):
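Review bot: The `jsonLookup` import and the two `JSONField.register_lookup(...)` calls are commented out rather than deleted, which leaves dead code with no record of why the lookups were dropped. Either remove the three lines or replace them with a single comment giving the reason, e.g. `# jsonLookup lookups removed: REASON`. If any queryset elsewhere still filters with those custom lookups it would now fail at query time; that cannot be checked from this hunk.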

@@ -32,7 +32,7 @@
}).then(function (res)
{
if (res["status"] =='OK')
$("#res").html("<div class='alert alert-success'>Registered Successfully, <a href='{% url 'mfa_home' %}'> Go to Security Home</a></div>")
$("#res").html("<div class='alert alert-success'>Registered Successfully, <a href='{{redirect_html}}'> {{reg_success_msg}}</a></div>")
else
$("#res").html("<div class='alert alert-danger'>Registeration Failed as " + res["message"] + ", <a href='javascript:void(0)' onclick='begin_reg()'> try again or <a href='{% url 'mfa_home' %}'> Go to Security Home</a></div>")
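Review bot: `{{redirect_html}}` and `{{reg_success_msg}}` are written into a JavaScript string literal that is then passed to `.html()`, and the template's HTML auto-escaping is not the right encoding for that context; a backslash or line break in `MFA_SUCCESS_REGISTRATION_MSG` breaks the script. Encode for both layers, `<a href='{{ redirect_html|force_escape|escapejs }}'> {{ reg_success_msg|force_escape|escapejs }}</a>`, or build the link with DOM calls and `.text()`. The `window.location.href="{{ redirect_html }}"` assignments in the two following template sections should use `|escapejs` as well. The failure branch on the next line still links to `{% url 'mfa_home' %}`; confirm that is intended.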

@@ -43,7 +43,7 @@
else
{
alert("Your authenticator is added successfully.")
window.location.href="{% url 'mfa_home' %}"
window.location.href="{{ redirect_html }}"
}
}
})

@@ -24,7 +24,7 @@
if (data == "OK")
{
alert("Your device is added successfully.")
window.location.href="{% url 'mfa_home' %}"
window.location.href="{{ redirect_html }}"
}
}
})

@@ -72,4 +72,5 @@ def verify(request):
@never_cache
def start(request):
return render(request,"TOTP/Add.html",{})
"""Start Adding Time One Time Password (TOTP)"""
return render(request,"TOTP/Add.html",get_redirect_url())