josh/django-mfa2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Added Enforce Recovery Method

Browse Source
This commit is contained in:
Mohamed ElKalioby
2022-09-07 11:53:26 +03:00
parent e42770e852
commit dcd962ad16
15 changed files with 124 additions and 54 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
mfa/templates/FIDO2/Add.html
View File

@@ -32,9 +32,14 @@
}).then(function (res)
{
if (res["status"] =='OK')
$("#res").html("<div class='alert alert-success'>Registered Successfully, <a href='{{redirect_html}}'> {{reg_success_msg}}</a></div>")
else
$("#res").html("<div class='alert alert-danger'>Registration Failed as " + res["message"] + ", <a href='javascript:void(0)' onclick='begin_reg()'> try again or <a href='{% url 'mfa_home' %}'> Go to Security Home</a></div>")
$("#res").html("<div class='alert alert-success'>Registered Successfully, <a href='{{redirect_html}}'> {{reg_success_msg}}</a></div>")
else if (res['status'] = "RECOVERY")
{
setTimeout(function (){location.href="{% url 'manage_recovery_codes' %}"},2500)
$("#res").html("<div class='alert alert-success'>Registered Successfully, but <a href='{% url 'manage_recovery_codes' %}'>redirecting to {{ RECOVERY_METHOD }} method</a></div>")
}
else
$("#res").html("<div class='alert alert-danger'>Registration Failed as " + res["message"] + ", <a href='javascript:void(0)' onclick='begin_reg()'> try again or <a href='{% url 'mfa_home' %}'> Go to Security Home</a></div>")
}, function(reason) {
@@ -61,7 +66,7 @@
<div class="container">
<div class="panel panel-default card">
<div class="panel-heading card-header">
<strong> FIDO2 Security Key</strong>
<strong> Adding a New {{ method.name }}</strong>
</div>
<div class="panel-body card-body">

9
mfa/templates/RECOVERY/Add.html
View File

@@ -35,13 +35,16 @@
$.ajax({"url":"{% url 'get_recovery_token_left' %}", dataType:"JSON",
success:function (data) {
tokenLeft = data.left
let html
html = ""
{% if mfa_redirect %}
html += "<div class='alert alert-success'>You have enrolled successfully in {{ mfa_redirect }} method, please generate recovery codes so that you can use in case you lost access to all your verification methods.</div>"
{% endif %}
if (tokenLeft == 0) {
html = "<h6>You don't have any backup code left, please generate new ones !</h6>"
html += "<h6>You don't have any backup code linked to your account, please generate new ones !</h6>"
}
else {
html = "<p>You still have "+tokenLeft+" backup code left."
html += "<p>You still have "+tokenLeft+" backup code left."
}
document.getElementById('tokens').innerHTML = html
}})

35
mfa/templates/TOTP/Add.html
View File

@@ -38,13 +38,16 @@
$.ajax({
"url":"{% url 'verify_otop' %}?key="+key+ "&answer="+answer,
success:function (data) {
if (data == "Error")
alert("You entered wrong numbers, please try again")
else
{
alert("Your authenticator is added successfully.")
window.location.href="{{ redirect_html }}"
}
if (data =='Success')
$("#res").html("<div class='alert alert-success'>Your authenticator is registered successfully, <a href='{{redirect_html}}'> {{reg_success_msg}}</a></div>")
else if (data == "RECOVERY")
{
setTimeout(function (){location.href="{% url 'manage_recovery_codes' %}"},2500)
$("#res").html("<div class='alert alert-success'>Your authenticator is registered successfully, but <a href='{% url 'manage_recovery_codes' %}'>redirecting to {{ RECOVERY_METHOD }} method</a></div>")
}
else
$("#res").html("<div class='alert alert-danger'>The code provided doesn't match the key, please try again or <a href='{% url 'mfa_home' %}'> Go to Security Home</a></div>")
}
})
}
@@ -66,21 +69,24 @@
<div class="container d-flex justify-content-center">
<div class="col-md-6 col-md-offset-3" id="two-factor-steps">
<div class="row" align="center">
<h4>Adding Authenticator</h4>
<h4>Adding a new {{ method.name }}</h4>
</div>
<div class="row">
<p>Scan the image below with the two-factor authentication app on your <a href="javascript:void(0)" onclick="showTOTP()">phone/PC</a>. If you cant use a barcode,
<a href="javascript:void(0)" onclick="showKey()">enter this text</a> instead. </p>
</div>
<div id="res">
<div class="row">
</div>
<div class="row" style="text-align: center">
<div align="center" style="display: none" id="second_step">
<div align="center" style="display: none;text-align: center;align-content: center" id="second_step">
<img id="qr"/>
</div>
</div>
<div class="row">
<p><b>Enter the six-digit code from the application</b></p>
@@ -88,16 +94,13 @@
</div>
<div class="row">
<div class="offset-md-4 col-md-4">
<input style="display: inline;width: 95%" maxlength="6" size="6" class="form-control" id="answer" placeholder="e.g 785481"/>
</div>
</div>
<div class="row" style="padding-top: 10px;">
<div class="col-md-6" style="padding-left: 0px">
<div class="col-md-4 offset-md-4" style="padding-left: 0px">
<button class="btn btn-success" onclick="verify()">Enable</button>
</div>
<div class="col-md-6" align="right" style="padding-right: 30px">
<a href="{% url 'mfa_home' %}" class="btn btn-default btn-secondary" role="button">Cancel</a>
</div>
</div>

27
mfa/templates/U2F/Add.html
View File

@@ -13,7 +13,7 @@
</style>
<script src="{% static 'mfa/js/u2f-api.js' %}" type="text/javascript"></script>
<script type="text/javascript">
$(document).ready(function addToken() {
function addToken() {
data=JSON.parse('{{ token|safe }}')
console.log(data)
u2f.register(data.appId,data.registerRequests,data.registeredKeys,function (response) {
@@ -21,15 +21,24 @@
"url":"{% url 'bind_u2f' %}",method:"POST",
data:{"csrfmiddlewaretoken":"{{ csrf_token }}","response":JSON.stringify(response)},
success:function (data) {
if (data == "OK")
{
alert("Your device is added successfully.")
window.location.href="{{ redirect_html }}"
}
if (data =='OK')
$("#res").html("<div class='alert alert-success'>Your device is registered successfully, <a href='{{redirect_html}}'> {{reg_success_msg}}</a></div>")
else if (data == "RECOVERY")
{
setTimeout(function (){location.href="{% url 'manage_recovery_codes' %}"},2500)
$("#res").html("<div class='alert alert-success'>Your device is registered successfully, but <a href='{% url 'manage_recovery_codes' %}'>redirecting to {{ RECOVERY_METHOD }} method</a></div>")
}
else
$("#res").html("<div class='alert alert-danger'>Registration failed, please <a href='javascript:void(0)' onclick='addToken()'>try again</a> or <a href='{% url 'mfa_home' %}'> Go to Security Home</a></div>")
},
error: function (data)
{
$("#res").html("<div class='alert alert-danger'>Registration failed, please <a href='javascript:void(0)' onclick='addToken()'>try again</a> or <a href='{% url 'mfa_home' %}'> Go to Security Home</a></div>")
}
})
},5000)
})
}
$(document).ready(addToken())
</script>
{% endblock %}
@@ -37,9 +46,11 @@
<br/>
<br/>
<div class="container">
<div class="col-md-6 col-md-offset-3" id="two-factor-steps">
<div id="res"></div>
<div class="row" align="center">
<h4>Adding Security Key</h4>
<h4>Adding {{ method.name}}</h4>
</div>
<div class="row">
<p style="color: green">Your secure Key should be flashing now, please press on button.</p>

2
mfa/templates/U2F/recheck.html
View File

@@ -4,7 +4,7 @@
<div class="col-sm-10 col-sm-offset-1 col-xs-12 col-md-10 col-md-offset-1 col-lg-8 col-lg-offset-2">
<div class="panel panel-default card">
<div class="panel-heading card-header">
<strong> Security Key</strong>
<strong> Verify your identity using {{ method.name }}</strong>
</div>
<div class="panel-body card-body">