Upgrading to FIDO2==1.0.0

WIP: Upgrading Fido2
Updated CHANGELOG
2022-06-13 17:18:00 +03:00 · 2022-06-13 16:47:31 +03:00 · 2022-06-01 20:23:37 +03:00 · 2022-05-30 17:43:00 +03:00 · 2022-05-30 17:25:57 +03:00 · 2022-05-24 09:58:31 -04:00
20 changed files with 79 additions and 89 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -4,8 +4,7 @@
   * Fixed: issue in the 'Authorize' button don't show on Firefox and Chrome on iOS.
     Note: It seems Firefox doesn't support WebAuthn on iOS
   * Fixed: Support for bootstrap5
-     Thanks to @ezrajrice
-   * Upgraded to fido2==1.0.0
+Thanks to @ezrajrice

 ## 2.4.0

--- a/README.md
+++ b/README.md
@@ -38,7 +38,7 @@ Depends on
 * ua-parser
 * user-agents
 * python-jose
-* fido2==1.0.0
+* fido2==0.9.0

 # Installation
 1. using pip 
--- a/example/example/templates/base.html
+++ b/example/example/templates/base.html
@@ -36,7 +36,7 @@

    <!-- Navbar Search -->
    <form class="d-none d-md-inline-block form-inline ml-auto mr-0 mr-md-3 my-2 my-md-0">
-      <div class="input-group mb-3">
+      <div class="input-group">
        <input type="text" class="form-control" placeholder="Search for..." aria-label="Search" aria-describedby="basic-addon2">
        <div class="input-group-append">
          <button class="btn btn-primary" type="button">
--- a/example/example/templates/blank.html
+++ b/example/example/templates/blank.html
@@ -34,7 +34,7 @@

    <!-- Navbar Search -->
    <form class="d-none d-md-inline-block form-inline ml-auto mr-0 mr-md-3 my-2 my-md-0">
-      <div class="input-group mb-3">
+      <div class="input-group">
        <input type="text" class="form-control" placeholder="Search for..." aria-label="Search" aria-describedby="basic-addon2">
        <div class="input-group-append">
          <button class="btn btn-primary" type="button">
--- a/mfa/FIDO2.py
+++ b/mfa/FIDO2.py
@@ -16,7 +16,7 @@ from .views import login, reset_cookie
 import datetime
 from .Common import get_redirect_url
 from django.utils import timezone
-from django.http import JsonResponse
+

 def recheck(request):
    """Starts FIDO2 recheck"""
@@ -49,15 +49,13 @@ def begin_registeration(request):
 def complete_reg(request):
    """Completes the registeration, called by API"""
    try:
-        if not "fido_state" in request.session:
-            return JsonResponse({'status': 'ERR', "message": "FIDO Status can't be found, please try again"})
        data = cbor.decode(request.body)

        client_data = CollectedClientData(data['clientDataJSON'])
        att_obj = AttestationObject((data['attestationObject']))
        server = getServer()
        auth_data = server.register_complete(
-            request.session.pop('fido_state'),
+            request.session['fido_state'],
            client_data,
            att_obj
        )
@@ -77,7 +75,7 @@ def complete_reg(request):
            client.captureException()
        except:
            pass
-        return JsonResponse({'status': 'ERR', "message": "Error on server, please try again later"})
+        return HttpResponse(simplejson.dumps({'status': 'ERR', "message": "Error on server, please try again later"}))


 def start(request):
--- a/mfa/templates/Email/Add.html
+++ b/mfa/templates/Email/Add.html
@@ -4,12 +4,12 @@
 {% block content %}
 <br/>
 <br/>
-<div class="container d-flex justify-content-center">
-  <div class="panel panel-default card">
-    <div class="panel-heading card-header">
+<div class="container">
+  <div class="panel panel-default">
+    <div class="panel-heading">
      <strong> Activate Token by email</strong>
    </div>
-    <div class="panel-body card-body">
+    <div class="panel-body">
      <FORM METHOD="POST" ACTION="{% url 'start_email' %}" Id="formLogin"  onSubmit="" name="FrontPage_Form1">
        {% csrf_token %}
        {%  if invalid %}
@@ -31,14 +31,14 @@
          <div class="row">
            <div class="col-sm-12 col-md-12">
              <div class="form-group">
-                <div class="input-group mb-3">
-                  <span class="input-group-addon input-group-text">
-                  <i class="glyphicon glyphicon-lock bi bi-lock"></i>
+                <div class="input-group">
+                  <span class="input-group-addon">
+                  <i class="glyphicon glyphicon-lock"></i>
                  </span>
                  <input class="form-control" size="6" MaxLength="6" value="" placeholder="e.g 55552" name="otp" type="text" id="otp" autofocus>
                </div>
              </div>
-              <div class="form-group d-grid gap-2">
+              <div class="form-group">
                <input type="submit" class="btn btn-lg btn-success btn-block" value="Verify">
              </div>
            </div>
--- a/mfa/templates/Email/recheck.html
+++ b/mfa/templates/Email/recheck.html
@@ -13,15 +13,14 @@

    }
 </script>
-<div class='container'>
 <div class="row">

 <div class="col-sm-10 col-sm-offset-1 col-xs-12 col-md-10 col-md-offset-1 col-lg-8 col-lg-offset-2">
-<div class="panel panel-default card">
-      <div class="panel-heading card-header">
+<div class="panel panel-default">
+      <div class="panel-heading">
 	      <strong> Email One Time Password </strong>
      </div>
-      <div class="panel-body card-body">
+      <div class="panel-body">

      <FORM METHOD="POST" ACTION="{% url 'email_auth' %}" Id="formLogin" onSubmit="" name="FrontPage_Form1">

@@ -47,16 +46,16 @@
      <div class="row">
 	  <div class="col-sm-12 col-md-12">
 	    <div class="form-group">
-	      <div class="input-group mb-3">
-		<span class="input-group-addon input-group-text">
-		<i class="glyphicon glyphicon-lock bi bi-lock"></i>
+	      <div class="input-group">
+		<span class="input-group-addon">
+		<i class="glyphicon glyphicon-lock"></i>
 		</span>
 		<input class="form-control" size="6" MaxLength="6" value="" placeholder="e.g 55552" name="otp" type="text" id="otp" autofocus>

 	      </div>
 	    </div>

-          <div class="form-group d-grid gap-2">
+          <div class="form-group">

 	      <input type="{% if mode == "auth" %}submit{% elif mode == 'recheck'  %}button{% endif %}" {% if mode == "recheck" %}onclick="send_totp()" {% endif %} class="btn btn-lg btn-success btn-block" value="Sign in">
 	      </div>
@@ -65,7 +64,7 @@
      </FORM>
      </div>
        <div class="row">
-        <div class="col-md-12 mb-3" style="padding-left: 25px">
+        <div class="col-md-6" style="padding-left: 25px">
            {% if request.session.mfa_methods|length > 1 %}
                <a href="{%  url 'mfa_methods_list' %}">Select Another Method</a>
            {% endif %}
@@ -75,4 +74,3 @@
              </div>
 	      </div>
 	      </div>
-</div>
--- a/mfa/templates/FIDO2/Add.html
+++ b/mfa/templates/FIDO2/Add.html
@@ -59,11 +59,11 @@
      <br/>
    <br/>
     <div class="container">
-     <div class="panel panel-default card">
-      <div class="panel-heading card-header">
+     <div class="panel panel-default">
+      <div class="panel-heading">
 	      <strong> FIDO2 Security Key</strong>
      </div>
-      <div class="panel-body card-body">
+      <div class="panel-body">


    <div class="row alert alert-pr" id="res" align="center">
--- a/mfa/templates/FIDO2/recheck.html
+++ b/mfa/templates/FIDO2/recheck.html
@@ -4,11 +4,11 @@
 <div class="row">

 <div class="col-sm-10 col-sm-offset-1 col-xs-12 col-md-10 col-md-offset-1 col-lg-8 col-lg-offset-2">
-<div class="panel panel-default card">
-      <div class="panel-heading card-header">
+<div class="panel panel-default">
+      <div class="panel-heading">
 	      <strong> Security Key</strong>
      </div>
-      <div class="panel-body card-body">
+      <div class="panel-body">

              <div class="row">
            <div style="padding-left: 15px" class="col-md-10 col-md-offset-1" id="main_paragraph" align="center">
@@ -35,7 +35,7 @@
          </div>

          <div class="row">
-          <div class="col-md-12 mb-3" style="padding-left: 15px">
+          <div style="padding-left: 15px">

            {% if request.session.mfa_methods|length > 1 %}
                <a href="{%  url 'mfa_methods_list' %}">Select Another Method</a>
--- a/mfa/templates/MFA.html
+++ b/mfa/templates/MFA.html
@@ -19,7 +19,7 @@
        $("#modal-body").html("Are you sure you want to delete '"+name+"'? you may lose access to your system if this your only 2FA.");
        $("#actionBtn").remove()
        $("#modal-footer").prepend("<button id='actionBtn' class='btn btn-danger' onclick='confirmDel("+id+")'>Confirm Deletion</button>")
-        $("#popUpModal").modal('show')
+        $("#popUpModal").modal()
    }

    function toggleKey(id) {
@@ -98,7 +98,7 @@
               <td>{% if key.key_type in HIDE_DISABLE %}
                   ----
                   {% else %}
-                    <a href="javascript:void(0)" onclick="deleteKey({{ key.id }},'{{ key.key_type }}')"> <span class="fa fa-trash fa-solid fa-trash-can bi bi-trash-fill"></span></a></td>
+                    <a href="javascript:void(0)" onclick="deleteKey({{ key.id }},'{{ key.key_type }}')"> <span class="fa fa-trash"></span></a></td>
                    {% endif %}
           </tr>
       {% empty %}
--- a/mfa/templates/TOTP/Add.html
+++ b/mfa/templates/TOTP/Add.html
@@ -63,7 +63,7 @@
 {% block content %}
 <br/>
 <br/>
-<div class="container d-flex justify-content-center">
+<div class="container">
    <div class="col-md-6 col-md-offset-3" id="two-factor-steps">
        <div class="row" align="center">
            <h4>Adding Authenticator</h4>
@@ -98,7 +98,7 @@
                    <button class="btn btn-success" onclick="verify()">Enable</button>
                </div>
                <div class="col-md-6" align="right" style="padding-right: 30px">
-                    <a href="{% url 'mfa_home' %}" class="btn btn-default btn-secondary" role="button">Cancel</a>
+                    <a href="{% url 'mfa_home' %}"><button class="btn btn-default">Cancel</button></a>
                </div>
            </div>
        </div>
--- a/mfa/templates/TOTP/recheck.html
+++ b/mfa/templates/TOTP/recheck.html
@@ -13,15 +13,14 @@

    }
 </script>
-<div class='container'>
 <div class="row">

 <div class="col-sm-10 col-sm-offset-1 col-xs-12 col-md-10 col-md-offset-1 col-lg-8 col-lg-offset-2">
-<div class="panel panel-default card">
-      <div class="panel-heading card-header">
+<div class="panel panel-default">
+      <div class="panel-heading">
 	      <strong> One Time Password</strong>
      </div>
-      <div class="panel-body card-body">
+      <div class="panel-body">

      <FORM METHOD="POST" ACTION="{% url 'totp_auth' %}" Id="formLogin" onSubmit="" name="FrontPage_Form1">

@@ -47,16 +46,16 @@
      <div class="row">
 	  <div class="col-sm-12 col-md-12">
 	    <div class="form-group">
-	      <div class="input-group mb-3">
-		<span class="input-group-addon input-group-text">
-		<i class="glyphicon glyphicon-lock bi bi-lock"></i>
+	      <div class="input-group">
+		<span class="input-group-addon">
+		<i class="glyphicon glyphicon-lock"></i>
 		</span>
 		<input class="form-control" size="6" MaxLength="6" value="" placeholder="e.g 55552" name="otp" type="text" id="otp" autofocus>

 	      </div>
 	    </div>

-          <div class="form-group d-grid gap-2">
+          <div class="form-group">

 	      <input type="{% if mode == "auth" %}submit{% elif mode == 'recheck'  %}button{% endif %}" {% if mode == "recheck" %}onclick="send_totp()" {% endif %} class="btn btn-lg btn-success btn-block" value="Sign in">
 	      </div>
@@ -65,7 +64,7 @@
      </FORM>
      </div>
        <div class="row">
-        <div class="col-md-12 mb-3" style="padding-left: 25px">
+        <div class="col-md-6" style="padding-left: 25px">
            {% if request.session.mfa_methods|length > 1 %}
                <a href="{%  url 'mfa_methods_list' %}">Select Another Method</a>
            {% endif %}
@@ -75,4 +74,3 @@
              </div>
 	      </div>
 	      </div>
-</div>
--- a/mfa/templates/TrustedDevices/Add.html
+++ b/mfa/templates/TrustedDevices/Add.html
@@ -31,11 +31,11 @@
 <div class="row">

 <div class="col-sm-10 col-sm-offset-1 col-xs-12 col-md-10 col-md-offset-1 col-lg-8 col-lg-offset-2">
-<div class="panel panel-default card">
-      <div class="panel-heading card-header">
+<div class="panel panel-default">
+      <div class="panel-heading">
 	      <strong> Add Trusted Device</strong>
      </div>
-      <div class="panel-body card-body">
+      <div class="panel-body">
        {%  if success %}
            <div class="alert alert-warning">
                Please check your PC window, to continue the process.
@@ -67,31 +67,31 @@
      <div class="row">
 	  <div class="col-sm-12 col-md-12">
 	    <div class="form-group">
-	      <div class="input-group mb-3">
-		<span class="input-group-addon input-group-text">
-		<i class="glyphicon glyphicon-user bi bi-person"></i>
+	      <div class="input-group">
+		<span class="input-group-addon">
+		<i class="glyphicon glyphicon-user"></i>
 		</span>
 		<input class="form-control" id="username" size="30" MaxLength="30" placeholder="Username" name="username" value="{{ username }}" type="text" autofocus autocomplete="on">

 	      </div>
 	    </div>
 	    <div class="form-group">
-		<div class="input-group mb-3">
-		<span class="input-group-addon input-group-text">
+		<div class="input-group">
+		<span class="input-group-addon">
 		<i class="fa fa-key"></i>
 		</span>
 		<input class="form-control" placeholder="e.g GAK-Y2M" id='key' style="text-transform: uppercase" name="key" type="text" size="9" MaxLength="9" value="{{ key }}">
 		</div>
 	    </div>
           <div class="form-group">
-		<span class="input-group mb-3">
+		<span class="input-group">
            <input id='agree' name="agree" type="checkbox"><span style="color: red"> I confirm that this device is mine and it is only used by me.</span>

 	    </div>
      {% comment %}
 	    <div class="form-group">
-	      <div class="input-group mb-3">
-	      <span class="input-group-addon input-group-text">
+	      <div class="input-group">
+	      <span class="input-group-addon">


 	      <select size="1" name="Institution_Code" style="font-size: 10pt; font-family: Calibri; height: 34px;width: 230px">
@@ -104,7 +104,7 @@
 	      </div>
 	      </div>
 	      {% endcomment %}
-	      <div class="form-group d-grid gap-2">
+	      <div class="form-group">
 	      <input type="submit" class="btn btn-lg btn-success btn-block" value="Trust Device">
 	      </div>
 	      </div>
@@ -113,7 +113,7 @@
 	      </form>
      {% endif %}
 	      </div>
-	      <div class="panel-footer card-footer">
+	      <div class="panel-footer ">


 	      </div>
--- a/mfa/templates/TrustedDevices/Done.html
+++ b/mfa/templates/TrustedDevices/Done.html
@@ -7,17 +7,17 @@
 <div class="row">

 <div class="col-sm-10 col-sm-offset-1 col-xs-12 col-md-10 col-md-offset-1 col-lg-8 col-lg-offset-2">
-<div class="panel panel-default card">
-      <div class="panel-heading card-header">
+<div class="panel panel-default">
+      <div class="panel-heading">
 	      <strong> Add Trusted Device</strong>
      </div>
-      <div class="panel-body card-body">
+      <div class="panel-body">
            <div class="alert alert-success">
                Your device is now trusted, please try to <a href="{{ HOST }}{{ BASE_URL }}accounts/login/"> login</a>
            </div>

 	      </div>
-	      <div class="panel-footer card-footer">
+	      <div class="panel-footer ">


 	      </div>
--- a/mfa/templates/TrustedDevices/start.html
+++ b/mfa/templates/TrustedDevices/start.html
@@ -15,7 +15,7 @@
    function sendEmail() {
        $("#modal-title").html("Send Link")
        $("#modal-body").html("Sending Email, Please wait....");
-        $("#popUpModal").modal('show');
+        $("#popUpModal").modal();
        $.ajax({
            "url":"{% url 'td_sendemail' %}",
            success:function (data) {
@@ -60,7 +60,7 @@
                    $("#actionBtn").remove();
                    $("#modal-footer").prepend("<button id='actionBtn' class='btn btn-success' onclick='checkMFA()'>Trust Device</button>")
                    $("#modal-body").html(data)
-                    $("#popUpModal").modal('show');
+                    $("#popUpModal").modal()
                }
            }
        })
--- a/mfa/templates/U2F/recheck.html
+++ b/mfa/templates/U2F/recheck.html
@@ -2,11 +2,11 @@
 <div class="row">

 <div class="col-sm-10 col-sm-offset-1 col-xs-12 col-md-10 col-md-offset-1 col-lg-8 col-lg-offset-2">
-<div class="panel panel-default card">
-      <div class="panel-heading card-header">
+<div class="panel panel-default">
+      <div class="panel-heading">
 	      <strong> Security Key</strong>
      </div>
-      <div class="panel-body card-body">
+      <div class="panel-body">

              <div class="row">
            <div style="padding-left: 15px" class="col-md-10 col-md-offset-1" id="main_paragraph" align="center">
@@ -24,7 +24,7 @@
          </div>

          <div class="row">
-          <div class="col-md-12 mb-3" style="padding-left: 15px">
+          <div style="padding-left: 15px">

            {% if request.session.mfa_methods|length > 1 %}
                <a href="{%  url 'mfa_methods_list' %}">Select Another Method</a>
--- a/mfa/templates/mfa_check.html
+++ b/mfa/templates/mfa_check.html
@@ -24,7 +24,7 @@
                {
                    $("#modal-title").html("Recheck Indentity")
                    $("#modal-body").html(data["html"])
-                    $("#popUpModal").modal('show')
+                    $("#popUpModal").modal()
                }


--- a/mfa/templates/modal.html
+++ b/mfa/templates/modal.html
@@ -2,15 +2,15 @@
  <div class="modal-dialog" style="height: 80%;width: 80%;">
    <div class="modal-content" >
      <div class="modal-header">
+        <button type="button" class="close" data-dismiss="modal" aria-label="Close"><span aria-hidden="true">&times;</span></button>
        <h4 class="modal-title" id="modal-title"></h4>
-          <button type="button" class="close" data-dismiss="modal" data-bs-dismiss="modal" aria-label="Close"><span aria-hidden="true">&times;</span></button>
      </div>
      <div class="modal-body" id="modal-body" >


          </div>
      <div class="modal-footer" id="modal-footer">
-        <button type="button" class="btn btn-default btn-secondary" id='btnModalClose' data-dismiss="modal" data-bs-dismiss="modal">Close</button>
+        <button type="button" class="btn btn-default" id='btnModalClose' data-dismiss="modal">Close</button>
      </div>

    </div><!-- /.modal-content -->
--- a/mfa/templates/select_mfa_method.html
+++ b/mfa/templates/select_mfa_method.html
@@ -2,15 +2,14 @@
 {% block content %}
    <br/>
 <br/>
-<div class='container'>
 <div class="row">

 <div class="col-sm-10 col-sm-offset-1 col-xs-12 col-md-10 col-md-offset-1 col-lg-8 col-lg-offset-2">
-<div class="panel panel-default card">
-      <div class="panel-heading card-header">
+<div class="panel panel-default">
+      <div class="panel-heading">
 	      <strong> Select Second Verification Method</strong>
      </div>
-      <div class="panel-body card-body">
+      <div class="panel-body">
          <ul>
              {% for method in request.session.mfa_methods %}

@@ -25,8 +24,6 @@
          </ul>
      </div>
 </div>
-</div>
-
 </div>
 </div>
 {% endblock %}
--- a/setup.py
+++ b/setup.py
@@ -4,7 +4,7 @@ from setuptools import find_packages, setup

 setup(
    name='django-mfa2',
-    version='2.5.0',
+    version='2.5.0dev',
    description='Allows user to add 2FA to their accounts',
    long_description=open("README.md").read(),
    long_description_content_type="text/markdown",
Author	SHA1	Message	Date
Mohamed ElKalioby	1ebc5bfd2b	Upgrading to FIDO2==1.0.0	2022-06-13 17:18:00 +03:00
Mohamed ElKalioby	d8b10bcdc1	WIP: Upgrading Fido2	2022-06-13 16:47:31 +03:00
Mohamed ElKalioby	f6d25d7a79	Updated CHANGELOG	2022-06-01 20:23:37 +03:00
Mohamed ElKalioby	1f4be15fc5	Updated README and CHANGLOG	2022-05-30 17:43:00 +03:00
Mohamed ElKalioby	6ea99ff931	Fix issue in case of not Safari on iOS	2022-05-30 17:25:57 +03:00
Ezra Rice	660d5ca8f8	BootStrap5 Update MFA.html	2022-05-24 09:58:31 -04:00