josh/django-mfa2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Add id to the session dict, Jumped to v1.5

Browse Source
This commit is contained in:
Mohamed ElKalioby
2019-06-20 16:05:23 +03:00
parent 087ea69de1
commit ed204c1d85
8 changed files with 22 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
mfa/CHANGELOG.md
View File

@@ -1,4 +1,13 @@
# Change Log
## v.1.5.0
* Added id the key used to validate to the session dictionary as 'id'
## v1.4.0
* Updated to FIDO == 0.7
## v1.3.0
* Updated to FIDO2 == 0.6
* Windows Hello is now supported.
## v1.2.0
* Added: MFA_HIDE_DISABLE setting option to disable users from deactivating their keys.

5
mfa/Email.py
View File

@@ -37,12 +37,13 @@ def auth(request):
context=csrf(request)
if request.method=="POST":
if request.session["email_secret"]==request.POST["otp"].strip():
mfa = {"verified": True, "method": "Email"}
uk = User_Keys.objects.get(username=request.session["base_username"], key_type="Email")
mfa = {"verified": True, "method": "Email","id":uk.id}
if getattr(settings, "MFA_RECHECK", False):
mfa["next_check"] = int((datetime.datetime.now() + datetime.timedelta(
seconds = random.randint(settings.MFA_RECHECK_MIN, settings.MFA_RECHECK_MAX))).strftime("%s"))
request.session["mfa"] = mfa
uk=User_Keys.objects.get(username=request.session["base_username"],key_type="Email")
from django.utils import timezone
uk.last_used=timezone.now()
uk.save()

2
mfa/FIDO2.py
View File

@@ -107,7 +107,7 @@ def authenticate_complete(request):
if AttestedCredentialData(websafe_decode(k.properties["device"])).credential_id == cred.credential_id:
k.last_used = timezone.now()
k.save()
mfa = {"verified": True, "method": "FIDO2"}
mfa = {"verified": True, "method": "FIDO2",'id':k.id}
if getattr(settings, "MFA_RECHECK", False):
mfa["next_check"] = int((datetime.datetime.now()+ datetime.timedelta(
seconds=random.randint(settings.MFA_RECHECK_MIN, settings.MFA_RECHECK_MAX))).strftime("%s"))

2
mfa/TrustedDevice.py
View File

@@ -128,7 +128,7 @@ def verify(request):
if uk.enabled and uk.properties["status"] == "trusted":
uk.last_used=timezone.now()
uk.save()
request.session["mfa"] = {"verified": True, "method": "Trusted Device"}
request.session["mfa"] = {"verified": True, "method": "Trusted Device","id":uk.id}
return True
except:
return False

2
mfa/U2F.py
View File

@@ -52,7 +52,7 @@ def validate(request,username):
key=User_Keys.objects.get(username=username,properties__shas="$.device.publicKey=%s"%device["publicKey"])
key.last_used=timezone.now()
key.save()
mfa = {"verified": True, "method": "U2F"}
mfa = {"verified": True, "method": "U2F","id":key.id}
if getattr(settings, "MFA_RECHECK", False):
mfa["next_check"] = int((datetime.datetime.now()
+ datetime.timedelta(

2
mfa/__init__.py
View File

@@ -1 +1 @@
__version__="1.4.1"
__version__="1.5.0"

9
mfa/totp.py
View File

@@ -16,8 +16,8 @@ def verify_login(request,username,token):
if totp.verify(token,valid_window = 30):
key.last_used=timezone.now()
key.save()
return True
return False
return [True,key.id]
return [False]
def recheck(request):
context = csrf(request)
@@ -32,8 +32,9 @@ def recheck(request):
def auth(request):
context=csrf(request)
if request.method=="POST":
if verify_login(request,request.session["base_username"],token = request.POST["otp"]):
mfa = {"verified": True, "method": "TOTP"}
res=verify_login(request,request.session["base_username"],token = request.POST["otp"])
if res[0]:
mfa = {"verified": True, "method": "TOTP","id":res[1]}
if getattr(settings, "MFA_RECHECK", False):
mfa["next_check"] = int((datetime.datetime.now()
+ datetime.timedelta(