Doing Email OTP

2019-01-21 16:22:08 +03:00
parent 57561dd65a
commit d74e286dff
7 changed files with 207 additions and 1 deletions
--- a/mfa/Email.py
+++ b/mfa/Email.py
@@ -0,0 +1,48 @@
+from django.shortcuts import render,render_to_response
+from django.template.context_processors import csrf
+import os
+from .models import *
+from django.template.context import RequestContext
+from .views import login
+
+def sendEmail(request,username,secret):
+    from django.contrib.auth import get_user_model
+    User = get_user_model()
+    user=User.objects.get(username=username)
+    res=render_to_response("mfa_email_token_template",{"request":request,"user":user,'otp':secret})
+    from django.conf import settings
+    from django.core.mail import EmailMessage
+    From = "%s <%s>" % (settings.EMAIL_FROM, settings.EMAIL_HOST_USER)
+    email = EmailMessage("OTP",res.content,From,user.email )
+    email.content_subtype = "html"
+    return email.send(False)
+
+def start(request):
+    context = csrf(request)
+    if request.method == "POST":
+        if request.session["email_secret"] == request.post["otp"]:
+            uk=User_Keys()
+            uk.username=request.user.username
+            uk.key_type="Email"
+            uk.enabled=1
+            uk.save()
+            from django.http import HttpResponseRedirect
+            from django.core.urlresolvers import reverse
+            return HttpResponseRedirect(reverse('mfa_home'))
+        context["invalid"] = True
+    else:
+        request.session["email_secret"] = os.urandom(6)
+        if sendEmail(request, request.session["base_username"], request.session["email_secret"]):
+            context["sent"] = True
+    return render_to_response("Email/Add.html", context, context_instance=RequestContext(request))
+def auth(request):
+    context=csrf(request)
+    if request.method=="POST":
+        if request.session["email_secret"]==request.post["otp"].strip():
+            return login(request)
+        context["invalid"]=True
+    else:
+        request.session["email_secret"]=os.urandom(6)
+        if sendEmail(request,request.session["base_username"],request.session["email_secret"]):
+            context["sent"]=True
+    return render_to_response("Email/Auth.html", context, context_instance = RequestContext(request))