cleanup code examples in README

Tobias Bengfort
2021-06-23 08:09:38 +02:00
parent e8ce96c404
commit ec16539c34


@@ -106,27 +106,29 @@ Depends on
* if user doesn't have mfa then call your function to create the user session * if user doesn't have mfa then call your function to create the user session
```python ```python
def login(request): # this function handles the login form POST from mfa.helpers import has_mfa
def login(request): # this function handles the login form POST
user = auth.authenticate(username=username, password=password) user = auth.authenticate(username=username, password=password)
if user is not None: # if the user object exist if user is not None: # if the user object exist
from mfa.helpers import has_mfa res = has_mfa(username=username, request=request) # has_mfa returns false or HttpResponseRedirect
res = has_mfa(username = username,request=request) # has_mfa returns false or HttpResponseRedirect
if res: if res:
return res return res
return log_user_in(request,username=user.username) return log_user_in(request, username=user.username)
#log_user_in is a function that handles creatung user session, it should be in the setting file as MFA_CALLBACK # log_user_in is a function that handles creating user session, it should be in the setting file as MFA_CALLBACK
``` ```
1. Add mfa to urls.py 1. Add mfa to urls.py
```python ```python
import mfa import mfa
import mfa.TrustedDevice import mfa.TrustedDevice
urls_patterns= [
'...', urls_patterns = [
url(r'^mfa/', include('mfa.urls')), '...',
url(r'devices/add$', mfa.TrustedDevice.add,name="mfa_add_new_trusted_device"), # This short link to add new trusted device url(r'^mfa/', include('mfa.urls')),
'....', url(r'devices/add$', mfa.TrustedDevice.add,name="mfa_add_new_trusted_device"), # This short link to add new trusted device
] '....',
``` ]
```
1. Provide `mfa_auth_base.html` in your templates with block called 'head' and 'content' 1. Provide `mfa_auth_base.html` in your templates with block called 'head' and 'content'
The template will be included during the user login. The template will be included during the user login.
If you will use Email Token method, then you have to provide template named `mfa_email_token_template.html` that will content the format of the email with parameter named `user` and `otp`. If you will use Email Token method, then you have to provide template named `mfa_email_token_template.html` that will content the format of the email with parameter named `user` and `otp`.
@@ -140,40 +142,42 @@ For Example, See https://github.com/mkalioby/AutoDeploy/commit/5f1d94b1804e0aa33
To be able to go passwordless for returning users, create a cookie named 'base_username' containing username as shown in snippet below To be able to go passwordless for returning users, create a cookie named 'base_username' containing username as shown in snippet below
```python ```python
response = render(request, 'Dashboard.html', context)) response = render(request, 'Dashboard.html', context))
if request.session.get("mfa",{}).get("verified",False) and getattr(settings,"MFA_QUICKLOGIN",False): if request.session.get("mfa", {}).get("verified", False) and getattr(settings, "MFA_QUICKLOGIN", False):
if request.session["mfa"]["method"]!="Trusted Device": if request.session["mfa"]["method"] != "Trusted Device":
response.set_cookie("base_username", request.user.username, path="/",max_age = 15*24*60*60) response.set_cookie("base_username", request.user.username, path="/", max_age=15 * 24 * 60 * 60)
return response return response
``` ```
Second, update the GET part of your login view Second, update the GET part of your login view
```python ```python
if "mfa" in settings.INSTALLED_APPS and getattr(settings,"MFA_QUICKLOGIN",False) and request.COOKIES.get('base_username'): from mfa.helpers import has_mfa
username=request.COOKIES.get('base_username')
from mfa.helpers import has_mfa if "mfa" in settings.INSTALLED_APPS and getattr(settings, "MFA_QUICKLOGIN", False) and request.COOKIES.get('base_username'):
res = has_mfa(username = username,request=request,) username=request.COOKIES.get('base_username')
if res: return res res = has_mfa(username=username, request=request)
## continue and return the form. if res:
return res
# continue and return the form.
``` ```
# Checking MFA on Client Side # Checking MFA on Client Side
Sometimes you like to verify that the user is still there so simple you can ask django-mfa2 to check that for you Sometimes you like to verify that the user is still there so simple you can ask django-mfa2 to check that for you
```html ```html
{% include 'mfa_check.html' %} {% include 'mfa_check.html' %}
``` ```
````js ````js
function success_func() { function success_func() {
//logic if mfa check succeeds // logic if mfa check succeeds
} }
function fail_func() { function fail_func() {
//logic if mfa check fails // logic if mfa check fails
} }
function some_func() { function some_func() {
recheck_mfa(success_func,fail_func,MUST_BE_MFA) recheck_mfa(success_func, fail_func, MUST_BE_MFA)
//MUST_BE_MFA true or false, if the user must has with MFA // MUST_BE_MFA true or false, if the user must has with MFA
} }
```` ````