use JsonResponse

mfa/FIDO2.py

@@ -3,9 +3,8 @@ import random
 import time
 import traceback
 
-import simplejson
 from django.conf import settings
-from django.http import HttpResponse
+from django.http import HttpResponse, JsonResponse
 from django.shortcuts import render
 from django.template.context_processors import csrf
 from django.utils import timezone
@@ -75,14 +74,12 @@ def complete_reg(request):
         uk.owned_by_enterprise = getattr(settings, "MFA_OWNED_BY_ENTERPRISE", False)
         uk.key_type = "FIDO2"
         uk.save()
-        return HttpResponse(simplejson.dumps({"status": "OK"}))
+        return JsonResponse({"status": "OK"})
     except Exception as exp:
         print(traceback.format_exc())
-        return HttpResponse(
+        return JsonResponse(
-            simplejson.dumps(
             {"status": "ERR", "message": "Error on server, please try again later"}
         )
-        )
 
 
 def start(request):
@@ -138,27 +135,19 @@ def authenticate_complete(request):
                 signature,
             )
         except ValueError:
-            return HttpResponse(
+            return JsonResponse(
-                simplejson.dumps(
                 {
                     "status": "ERR",
                     "message": "Wrong challenge received, make sure that this is your security and try again.",
                 }
-                ),
-                content_type="application/json",
             )
         except Exception as excep:
             print(traceback.format_exc())
-            return HttpResponse(
+            return JsonResponse({"status": "ERR", "message": excep.message})
-                simplejson.dumps({"status": "ERR", "message": excep.message}),
-                content_type="application/json",
-            )
 
         if request.session.get("mfa_recheck", False):
             request.session["mfa"]["rechecked_at"] = time.time()
-            return HttpResponse(
+            return JsonResponse({"status": "OK"})
-                simplejson.dumps({"status": "OK"}), content_type="application/json"
-            )
         else:
             keys = User_Keys.objects.filter(
                 username=username, key_type="FIDO2", enabled=1
@@ -190,18 +179,9 @@ def authenticate_complete(request):
                         res = login(request)
                         if not "location" in res:
                             return reset_cookie(request)
-                        return HttpResponse(
+                        return JsonResponse(
-                            simplejson.dumps(
                             {"status": "OK", "redirect": res["location"]}
-                            ),
-                            content_type="application/json",
-                        )
-                    return HttpResponse(
-                        simplejson.dumps({"status": "OK"}),
-                        content_type="application/json",
                         )
+                    return JsonResponse({"status": "OK"})
     except Exception as exp:
-        return HttpResponse(
+        return JsonResponse({"status": "ERR", "message": str(exp)})
-            simplejson.dumps({"status": "ERR", "message": str(exp)}),
-            content_type="application/json",
-        )

mfa/U2F.py

@@ -8,7 +8,7 @@ from cryptography import x509
 from cryptography.hazmat.backends import default_backend
 from cryptography.hazmat.primitives.serialization import Encoding
 from django.conf import settings
-from django.http import HttpResponse
+from django.http import HttpResponse, JsonResponse
 from django.shortcuts import render
 from django.template.context_processors import csrf
 from django.utils import timezone
@@ -38,9 +38,7 @@ def process_recheck(request):
     x = validate(request, request.user.username)
     if x == True:
         request.session["mfa"]["rechecked_at"] = time.time()
-        return HttpResponse(
+        return JsonResponse({"recheck": True})
-            simplejson.dumps({"recheck": True}), content_type="application/json"
-        )
     return x
 
 

mfa/helpers.py

@@ -1,5 +1,4 @@
-import simplejson
+from django.http import JsonResponse
-from django.shortcuts import HttpResponse
 
 from . import FIDO2, U2F, TrustedDevice, totp
 from .models import User_Keys
@@ -22,26 +21,12 @@ def is_mfa(request, ignore_methods=[]):
 def recheck(request):
     method = request.session.get("mfa", {}).get("method", None)
     if not method:
-        return HttpResponse(
+        return JsonResponse({"res": False})
-            simplejson.dumps({"res": False}), content_type="application/json"
-        )
     if method == "Trusted Device":
-        return HttpResponse(
+        return JsonResponse({"res": TrustedDevice.verify(request)})
-            simplejson.dumps({"res": TrustedDevice.verify(request)}),
-            content_type="application/json",
-        )
     elif method == "U2F":
-        return HttpResponse(
+        return JsonResponse({"html": U2F.recheck(request).content})
-            simplejson.dumps({"html": U2F.recheck(request).content}),
-            content_type="application/json",
-        )
     elif method == "FIDO2":
-        return HttpResponse(
+        return JsonResponse({"html": FIDO2.recheck(request).content})
-            simplejson.dumps({"html": FIDO2.recheck(request).content}),
-            content_type="application/json",
-        )
     elif method == "TOTP":
-        return HttpResponse(
+        return JsonResponse({"html": totp.recheck(request).content})
-            simplejson.dumps({"html": totp.recheck(request).content}),
-            content_type="application/json",
-        )

mfa/totp.py

@@ -3,9 +3,8 @@ import random
 import time
 
 import pyotp
-import simplejson
 from django.conf import settings
-from django.http import HttpResponse
+from django.http import HttpResponse, JsonResponse
 from django.shortcuts import render
 from django.template.context_processors import csrf
 from django.utils import timezone
@@ -32,13 +31,9 @@ def recheck(request):
     if request.method == "POST":
         if verify_login(request, request.user.username, token=request.POST["otp"]):
             request.session["mfa"]["rechecked_at"] = time.time()
-            return HttpResponse(
+            return JsonResponse({"recheck": True})
-                simplejson.dumps({"recheck": True}), content_type="application/json"
-            )
         else:
-            return HttpResponse(
+            return JsonResponse({"recheck": False})
-                simplejson.dumps({"recheck": False}), content_type="application/json"
-            )
     return render(request, "TOTP/recheck.html", context)
 
 
@@ -72,8 +67,7 @@ def getToken(request):
     secret_key = pyotp.random_base32()
     totp = pyotp.TOTP(secret_key)
     request.session["new_mfa_answer"] = totp.now()
-    return HttpResponse(
+    return JsonResponse(
-        simplejson.dumps(
         {
             "qr": pyotp.totp.TOTP(secret_key).provisioning_uri(
                 str(request.user.username), issuer_name=settings.TOKEN_ISSUER_NAME
@@ -81,7 +75,6 @@ def getToken(request):
             "secret_key": secret_key,
         }
     )
-    )
 
 
 def verify(request):