josh/django-mfa2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fixes and applied comments

Browse Source
This commit is contained in:
Spitap
2022-08-31 21:13:15 +02:00
parent cf4f6ed224
commit d0113dd2cc
9 changed files with 98 additions and 211 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
mfa/views.py
View File

@@ -32,7 +32,7 @@ def verify(request,username):
request.session["base_username"] = username
#request.session["base_password"] = password
keys=User_Keys.objects.filter(username=username,enabled=1)
methods=list(set([k.key_type for k in keys if k.key_type != "RECOVERY"]))
methods=list(set([k.key_type for k in keys]))
if "Trusted Device" in methods and not request.session.get("checked_trusted_device",False):
if TrustedDevice.verify(request):
@@ -40,10 +40,6 @@ def verify(request,username):
methods.remove("Trusted Device")
request.session["mfa_methods"] = methods
if "TOTP" not in methods and "RECOVERY" not in settings.MFA_UNALLOWED_METHODS:
#Add the "totp" option if user doesn't have totp auth (case with fido auth and backup code for instace)
methods.append("TOTP")
if len(methods)==1:
return HttpResponseRedirect(reverse(methods[0].lower()+"_auth"))
return show_methods(request)