Adding Touch ID to Django 1.8

CHANGELOG.md

@@ -1,5 +1,14 @@
 # Change Log
 
+## v1.9.1
+   * Fixed: is_authenticated #13
+   * Fixed: is_anonymous #6
+    
+    thanks to @d3cline,  
+
+## v1.7
+  * Better Error Management
+  * Better Token recheck
 ## v 1.6.0
   * Fixed some issues for django>= 2.0
   * Added example app.

mfa/FIDO2.py

@@ -136,7 +136,11 @@ def authenticate_complete(request):
                         mfa["next_check"] = int((datetime.datetime.now()+ datetime.timedelta(
                         seconds=random.randint(settings.MFA_RECHECK_MIN, settings.MFA_RECHECK_MAX))).strftime("%s"))
                     request.session["mfa"] = mfa
-                    if not request.user.is_authenticated():
+                    try:
+                        authenticated=request.user.is_authenticated
+                    except:
+                        authenticated = request.user.is_authenticated()
+                    if not authenticated:
                         res=login(request)
                         if not "location" in res: return reset_cookie(request)
                         return HttpResponse(simplejson.dumps({'status':"OK","redirect":res["location"]}),content_type="application/json")

mfa/templates/FIDO2/Add.html

@@ -2,6 +2,7 @@
 {% load static %}
 {% block head %}
     <script type="application/javascript" src="{% static 'mfa/js/cbor.js'%}"></script>
+    <script type="application/javascript" src="{% static 'mfa/js/ua-parser.min.js'%}"></script>
     <script type="application/javascript">
     function begin_reg(){
     fetch('{% url 'fido2_begin_reg' %}',{}).then(function(response) {
@@ -40,7 +41,17 @@
        $("#res").html("<div class='alert alert-danger'>Registeration Failed as " +reason +", <a href='javascript:void(0)' onclick='begin_reg()'> try again </a> or <a href='{% url 'mfa_home' %}'> Go to Security Home</a></div>")
     })
     }
-    $(document).ready(setTimeout(begin_reg,500))
+    $(document).ready(function (){
+        ua=new UAParser()
+        if (ua.getBrowser().name == "Safari")
+        {
+                $("#res").html("<button class='btn btn-primary' onclick='begin_reg()'>Start...</button>")
+        }
+        else
+        {
+            setTimeout(begin_reg, 500)
+        }
+    })
     </script>
 
 {% endblock %}
@@ -56,7 +67,7 @@
 
 
     <div class="row alert alert-pr" id="res">
-    <p style="color: green">Your broswer should ask you to confirm you indentity.</p>
+    <p style="color: green">Your browser should ask you to confirm you identity.</p>
 
     </div>
         </div>

mfa/templates/FIDO2/recheck.html

@@ -1,5 +1,6 @@
 {%  load static %}
 <script type="application/javascript" src="{% static 'mfa/js/cbor.js' %}"></script>
+<script type="application/javascript" src="{% static 'mfa/js/us-parser.min.js' %}"></script>
 <div class="row">
 
 <div class="col-sm-10 col-sm-offset-1 col-xs-12 col-md-10 col-md-offset-1 col-lg-8 col-lg-offset-2">
@@ -17,7 +18,9 @@
                     <br/>
 
             {% endif %}
+                <div id="res">
                     <p style="color: green">please press the button on your security key to prove it is you.</p>
+                </div>
                 <div id="msgdiv"></div>
                 {% if mode == "auth" %}
                     <form id="u2f_login" action="{% url 'fido2_complete_auth' %}" method="post" enctype="multipart/form-data">
@@ -101,6 +104,10 @@
             $("#main_paragraph").addClass("alert alert-danger")
             $("#main_paragraph").html("FIDO2 must work under secure context")
         } else {
+            ua=UAParser()
+            if (ua.getBrowser().name == "Safari")
+                $("#res").html("<button class='btn btn-success' onclick='authen()'>Authenticate...</button>")
+            else
                 authen()
         }
     });

mfa/templates/MFA.html

@@ -20,7 +20,7 @@
         $("#modal-footer").prepend("<button id='actionBtn' class='btn btn-danger' onclick='confirmDel("+id+")'>Confirm Deletion</button>")
         $("#popUpModal").modal()
     }
-    {% if not HIDE_DISABLE %}
+
     function toggleKey(id) {
         $.ajax({
             url:"{% url 'toggle_key' %}?id="+id,
@@ -34,7 +34,6 @@
             }
         })
     }
-    {% endif %}
     </script>
     <link href="{% static  'mfa/css/bootstrap-toggle.min.css' %}" rel="stylesheet">
     <script src="{% static 'mfa/js/bootstrap-toggle.min.js'%}"></script>

mfa/views.py

@@ -9,7 +9,10 @@ from django.template.context_processors import csrf
 from django.template.context import RequestContext
 from django.conf import settings
 from . import TrustedDevice
+from django.contrib.auth.decorators import login_required
 from user_agents import parse
+
+@login_required
 def index(request):
     keys=[]
     context={"keys":User_Keys.objects.filter(username=request.user.username),"UNALLOWED_AUTHEN_METHODS":settings.MFA_UNALLOWED_METHODS
@@ -51,6 +54,8 @@ def login(request):
     callable_func = __get_callable_function__(settings.MFA_LOGIN_CALLBACK)
     return callable_func(request,username=request.session["base_username"])
 
+
+@login_required
 def delKey(request):
     key=User_Keys.objects.get(id=request.GET["id"])
     if key.username == request.user.username:
@@ -72,14 +77,18 @@ def __get_callable_function__(func_path):
         raise Exception("Module does not have requested function")
     return callable_func
 
+@login_required
 def toggleKey(request):
     id=request.GET["id"]
     q=User_Keys.objects.filter(username=request.user.username, id=id)
     if q.count()==1:
         key=q[0]
+        if not key.key_type in settings.MFA_HIDE_DISABLE:
             key.enabled=not key.enabled
             key.save()
             return HttpResponse("OK")
+        else:
+            return HttpResponse("You can't change this method.")
     else:
         return HttpResponse("Error")
 

setup.py

@@ -4,7 +4,7 @@ from setuptools import find_packages, setup
 
 setup(
     name='django-mfa2',
-    version='1.8.0',
+    version='1.10.0,
     description='Allows user to add 2FA to their accounts',
     long_description=open("README.md").read(),
     long_description_content_type="text/markdown",
@@ -24,7 +24,7 @@ setup(
         'ua-parser',
         'user-agents',
         'python-jose',
-        'fido2 == 0.7.2',
+        'fido2 == 0.9',
         'jsonLookup'
       ],
     python_requires=">=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*",