josh/django-mfa2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Add id to the session dict, Jumped to v1.5

Browse Source
This commit is contained in:
Mohamed ElKalioby
2019-06-20 16:05:23 +03:00
parent 087ea69de1
commit ed204c1d85
8 changed files with 22 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
mfa/CHANGELOG.md
View File

@@ -1,4 +1,13 @@
# Change Log # Change Log
## v.1.5.0
* Added id the key used to validate to the session dictionary as 'id'
## v1.4.0
* Updated to FIDO == 0.7
## v1.3.0
* Updated to FIDO2 == 0.6
* Windows Hello is now supported.
## v1.2.0 ## v1.2.0
* Added: MFA_HIDE_DISABLE setting option to disable users from deactivating their keys. * Added: MFA_HIDE_DISABLE setting option to disable users from deactivating their keys.

5
mfa/Email.py
View File

@@ -37,12 +37,13 @@ def auth(request):
context=csrf(request) context=csrf(request)
if request.method=="POST": if request.method=="POST":
if request.session["email_secret"]==request.POST["otp"].strip(): if request.session["email_secret"]==request.POST["otp"].strip():
mfa = {"verified": True, "method": "Email"} uk = User_Keys.objects.get(username=request.session["base_username"], key_type="Email")
mfa = {"verified": True, "method": "Email","id":uk.id}
if getattr(settings, "MFA_RECHECK", False): if getattr(settings, "MFA_RECHECK", False):
mfa["next_check"] = int((datetime.datetime.now() + datetime.timedelta( mfa["next_check"] = int((datetime.datetime.now() + datetime.timedelta(
seconds = random.randint(settings.MFA_RECHECK_MIN, settings.MFA_RECHECK_MAX))).strftime("%s")) seconds = random.randint(settings.MFA_RECHECK_MIN, settings.MFA_RECHECK_MAX))).strftime("%s"))
request.session["mfa"] = mfa request.session["mfa"] = mfa
uk=User_Keys.objects.get(username=request.session["base_username"],key_type="Email")
from django.utils import timezone from django.utils import timezone
uk.last_used=timezone.now() uk.last_used=timezone.now()
uk.save() uk.save()

2
mfa/FIDO2.py
View File

@@ -107,7 +107,7 @@ def authenticate_complete(request):
if AttestedCredentialData(websafe_decode(k.properties["device"])).credential_id == cred.credential_id: if AttestedCredentialData(websafe_decode(k.properties["device"])).credential_id == cred.credential_id:
k.last_used = timezone.now() k.last_used = timezone.now()
k.save() k.save()
mfa = {"verified": True, "method": "FIDO2"} mfa = {"verified": True, "method": "FIDO2",'id':k.id}
if getattr(settings, "MFA_RECHECK", False): if getattr(settings, "MFA_RECHECK", False):
mfa["next_check"] = int((datetime.datetime.now()+ datetime.timedelta( mfa["next_check"] = int((datetime.datetime.now()+ datetime.timedelta(
seconds=random.randint(settings.MFA_RECHECK_MIN, settings.MFA_RECHECK_MAX))).strftime("%s")) seconds=random.randint(settings.MFA_RECHECK_MIN, settings.MFA_RECHECK_MAX))).strftime("%s"))

2
mfa/TrustedDevice.py
View File

@@ -128,7 +128,7 @@ def verify(request):
if uk.enabled and uk.properties["status"] == "trusted": if uk.enabled and uk.properties["status"] == "trusted":
uk.last_used=timezone.now() uk.last_used=timezone.now()
uk.save() uk.save()
request.session["mfa"] = {"verified": True, "method": "Trusted Device"} request.session["mfa"] = {"verified": True, "method": "Trusted Device","id":uk.id}
return True return True
except: except:
return False return False

2
mfa/U2F.py
View File

@@ -52,7 +52,7 @@ def validate(request,username):
key=User_Keys.objects.get(username=username,properties__shas="$.device.publicKey=%s"%device["publicKey"]) key=User_Keys.objects.get(username=username,properties__shas="$.device.publicKey=%s"%device["publicKey"])
key.last_used=timezone.now() key.last_used=timezone.now()
key.save() key.save()
mfa = {"verified": True, "method": "U2F"} mfa = {"verified": True, "method": "U2F","id":key.id}
if getattr(settings, "MFA_RECHECK", False): if getattr(settings, "MFA_RECHECK", False):
mfa["next_check"] = int((datetime.datetime.now() mfa["next_check"] = int((datetime.datetime.now()
+ datetime.timedelta( + datetime.timedelta(

2
mfa/__init__.py
View File

@@ -1 +1 @@
__version__="1.4.1" __version__="1.5.0"

9
mfa/totp.py
View File

@@ -16,8 +16,8 @@ def verify_login(request,username,token):
if totp.verify(token,valid_window = 30): if totp.verify(token,valid_window = 30):
key.last_used=timezone.now() key.last_used=timezone.now()
key.save() key.save()
return True return [True,key.id]
return False return [False]
def recheck(request): def recheck(request):
context = csrf(request) context = csrf(request)
@@ -32,8 +32,9 @@ def recheck(request):
def auth(request): def auth(request):
context=csrf(request) context=csrf(request)
if request.method=="POST": if request.method=="POST":
if verify_login(request,request.session["base_username"],token = request.POST["otp"]): res=verify_login(request,request.session["base_username"],token = request.POST["otp"])
mfa = {"verified": True, "method": "TOTP"} if res[0]:
mfa = {"verified": True, "method": "TOTP","id":res[1]}
if getattr(settings, "MFA_RECHECK", False): if getattr(settings, "MFA_RECHECK", False):
mfa["next_check"] = int((datetime.datetime.now() mfa["next_check"] = int((datetime.datetime.now()
+ datetime.timedelta( + datetime.timedelta(

2
setup.py
View File

@@ -4,7 +4,7 @@ from setuptools import find_packages, setup
setup( setup(
name='django-mfa2', name='django-mfa2',
version='1.4.1', version='1.5.0',
description='Allows user to add 2FA to their accounts', description='Allows user to add 2FA to their accounts',
long_description=open("README.md").read(), long_description=open("README.md").read(),
long_description_content_type="text/markdown", long_description_content_type="text/markdown",