use JsonResponse

2021-06-17 09:20:02 +02:00
parent 81675207d3
commit f4d8934ef5
4 changed files with 33 additions and 77 deletions
--- a/mfa/FIDO2.py
+++ b/mfa/FIDO2.py
@@ -3,9 +3,8 @@ import random
 import time
 import traceback

-import simplejson
 from django.conf import settings
-from django.http import HttpResponse
+from django.http import HttpResponse, JsonResponse
 from django.shortcuts import render
 from django.template.context_processors import csrf
 from django.utils import timezone
@@ -75,13 +74,11 @@ def complete_reg(request):
        uk.owned_by_enterprise = getattr(settings, "MFA_OWNED_BY_ENTERPRISE", False)
        uk.key_type = "FIDO2"
        uk.save()
-        return HttpResponse(simplejson.dumps({"status": "OK"}))
+        return JsonResponse({"status": "OK"})
    except Exception as exp:
        print(traceback.format_exc())
-        return HttpResponse(
-            simplejson.dumps(
-                {"status": "ERR", "message": "Error on server, please try again later"}
-            )
+        return JsonResponse(
+            {"status": "ERR", "message": "Error on server, please try again later"}
        )


@@ -138,27 +135,19 @@ def authenticate_complete(request):
                signature,
            )
        except ValueError:
-            return HttpResponse(
-                simplejson.dumps(
-                    {
-                        "status": "ERR",
-                        "message": "Wrong challenge received, make sure that this is your security and try again.",
-                    }
-                ),
-                content_type="application/json",
+            return JsonResponse(
+                {
+                    "status": "ERR",
+                    "message": "Wrong challenge received, make sure that this is your security and try again.",
+                }
            )
        except Exception as excep:
            print(traceback.format_exc())
-            return HttpResponse(
-                simplejson.dumps({"status": "ERR", "message": excep.message}),
-                content_type="application/json",
-            )
+            return JsonResponse({"status": "ERR", "message": excep.message})

        if request.session.get("mfa_recheck", False):
            request.session["mfa"]["rechecked_at"] = time.time()
-            return HttpResponse(
-                simplejson.dumps({"status": "OK"}), content_type="application/json"
-            )
+            return JsonResponse({"status": "OK"})
        else:
            keys = User_Keys.objects.filter(
                username=username, key_type="FIDO2", enabled=1
@@ -190,18 +179,9 @@ def authenticate_complete(request):
                        res = login(request)
                        if not "location" in res:
                            return reset_cookie(request)
-                        return HttpResponse(
-                            simplejson.dumps(
-                                {"status": "OK", "redirect": res["location"]}
-                            ),
-                            content_type="application/json",
+                        return JsonResponse(
+                            {"status": "OK", "redirect": res["location"]}
                        )
-                    return HttpResponse(
-                        simplejson.dumps({"status": "OK"}),
-                        content_type="application/json",
-                    )
+                    return JsonResponse({"status": "OK"})
    except Exception as exp:
-        return HttpResponse(
-            simplejson.dumps({"status": "ERR", "message": str(exp)}),
-            content_type="application/json",
-        )
+        return JsonResponse({"status": "ERR", "message": str(exp)})
--- a/mfa/U2F.py
+++ b/mfa/U2F.py
@@ -8,7 +8,7 @@ from cryptography import x509
 from cryptography.hazmat.backends import default_backend
 from cryptography.hazmat.primitives.serialization import Encoding
 from django.conf import settings
-from django.http import HttpResponse
+from django.http import HttpResponse, JsonResponse
 from django.shortcuts import render
 from django.template.context_processors import csrf
 from django.utils import timezone
@@ -38,9 +38,7 @@ def process_recheck(request):
    x = validate(request, request.user.username)
    if x == True:
        request.session["mfa"]["rechecked_at"] = time.time()
-        return HttpResponse(
-            simplejson.dumps({"recheck": True}), content_type="application/json"
-        )
+        return JsonResponse({"recheck": True})
    return x


--- a/mfa/helpers.py
+++ b/mfa/helpers.py
@@ -1,5 +1,4 @@
-import simplejson
-from django.shortcuts import HttpResponse
+from django.http import JsonResponse

 from . import FIDO2, U2F, TrustedDevice, totp
 from .models import User_Keys
@@ -22,26 +21,12 @@ def is_mfa(request, ignore_methods=[]):
 def recheck(request):
    method = request.session.get("mfa", {}).get("method", None)
    if not method:
-        return HttpResponse(
-            simplejson.dumps({"res": False}), content_type="application/json"
-        )
+        return JsonResponse({"res": False})
    if method == "Trusted Device":
-        return HttpResponse(
-            simplejson.dumps({"res": TrustedDevice.verify(request)}),
-            content_type="application/json",
-        )
+        return JsonResponse({"res": TrustedDevice.verify(request)})
    elif method == "U2F":
-        return HttpResponse(
-            simplejson.dumps({"html": U2F.recheck(request).content}),
-            content_type="application/json",
-        )
+        return JsonResponse({"html": U2F.recheck(request).content})
    elif method == "FIDO2":
-        return HttpResponse(
-            simplejson.dumps({"html": FIDO2.recheck(request).content}),
-            content_type="application/json",
-        )
+        return JsonResponse({"html": FIDO2.recheck(request).content})
    elif method == "TOTP":
-        return HttpResponse(
-            simplejson.dumps({"html": totp.recheck(request).content}),
-            content_type="application/json",
-        )
+        return JsonResponse({"html": totp.recheck(request).content})
--- a/mfa/totp.py
+++ b/mfa/totp.py
@@ -3,9 +3,8 @@ import random
 import time

 import pyotp
-import simplejson
 from django.conf import settings
-from django.http import HttpResponse
+from django.http import HttpResponse, JsonResponse
 from django.shortcuts import render
 from django.template.context_processors import csrf
 from django.utils import timezone
@@ -32,13 +31,9 @@ def recheck(request):
    if request.method == "POST":
        if verify_login(request, request.user.username, token=request.POST["otp"]):
            request.session["mfa"]["rechecked_at"] = time.time()
-            return HttpResponse(
-                simplejson.dumps({"recheck": True}), content_type="application/json"
-            )
+            return JsonResponse({"recheck": True})
        else:
-            return HttpResponse(
-                simplejson.dumps({"recheck": False}), content_type="application/json"
-            )
+            return JsonResponse({"recheck": False})
    return render(request, "TOTP/recheck.html", context)


@@ -72,15 +67,13 @@ def getToken(request):
    secret_key = pyotp.random_base32()
    totp = pyotp.TOTP(secret_key)
    request.session["new_mfa_answer"] = totp.now()
-    return HttpResponse(
-        simplejson.dumps(
-            {
-                "qr": pyotp.totp.TOTP(secret_key).provisioning_uri(
-                    str(request.user.username), issuer_name=settings.TOKEN_ISSUER_NAME
-                ),
-                "secret_key": secret_key,
-            }
-        )
+    return JsonResponse(
+        {
+            "qr": pyotp.totp.TOTP(secret_key).provisioning_uri(
+                str(request.user.username), issuer_name=settings.TOKEN_ISSUER_NAME
+            ),
+            "secret_key": secret_key,
+        }
    )