Removed Touch ID Beta statment

Merge branch 'master' of github.com:mkalioby/django-mfa2
Fixed README
2021-01-20 17:11:08 +03:00 · 2021-01-20 17:10:08 +03:00 · 2021-01-20 17:08:43 +03:00 · 2021-01-20 16:06:34 +03:00 · 2021-01-20 16:05:08 +03:00 · 2021-01-18 19:57:54 +03:00
8 changed files with 45 additions and 15 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,8 @@
 # Change Log

+## 2.1.0
+   * Added Support for Touch ID for Mac OSx and iOS 14 on Safari
+
 ## 2.0.5
  * Fixed issue in __version__

--- a/README.md
+++ b/README.md
@@ -17,17 +17,17 @@ Web Authencation API (WebAuthn) is state-of-the art techology that is expected t
 For FIDO2, the following are supported
 * **security keys** (Firefox 60+, Chrome 67+, Edge 18+, Safari 13 on Mac OS, Chrome on Andriod, Safari on iOS 13.3+),
 * **Windows Hello** (Firefox 67+, Chrome 72+ , Edge) ,
- * **Apple's Touch ID** (Chrome 70+ on Mac OS X ),
+ * **Apple's Touch ID/Face ID** (Chrome 70+ on Mac OS X, Safari on macOS Big Sur, Safari on iOS 14.0+ ),
 * **android-safetynet** (Chrome 70+, Firefox 68+)
 * **NFC devices using PCSC** (Not Tested, but as supported in fido2)

-In English :), It allows you to verify the user by security keys on PC, Laptops or Mobiles, Windows Hello (Fingerprint, PIN) on Windows 10 Build 1903+ (May 2019 Update) Touch ID on Macbooks (Chrome) and Fingerprint/Face/Iris/PIN on Andriod Phones.
+In English :), It allows you to verify the user by security keys on PC, Laptops or Mobiles, Windows Hello (Fingerprint, PIN) on Windows 10 Build 1903+ (May 2019 Update) Touch/Face ID on Macbooks (Chrome, Safari), Touch/Face ID on iPhone and iPad and Fingerprint/Face/Iris/PIN on Android Phones.

-Trusted device is a mode for the user to add a device that doesn't support security keys like iOS and andriod without fingerprints or NFC.
+Trusted device is a mode for the user to add a device that doesn't support security keys like Android without fingerprints or NFC.

 **Note**: `U2F and FIDO2 can only be served under secure context (https)`

-Package tested with Django 1.8, Django 2.1 on Python 2.7 and Python 3.5+ but it was not checked with any version in between but open for issues.
+Package tested with Django 1.8, Django 2.2 on Python 2.7 and Python 3.5+ but it was not checked with any version in between but open for issues.

 Depends on

@@ -36,7 +36,7 @@ Depends on
 * ua-parser
 * user-agents
 * python-jose
-* fido2==0.8.1
+* fido2==0.9.0

 # Installation
 1. using pip 
--- a/mfa/init.py
+++ b/mfa/init.py
@@ -1 +1 @@
-__version__="2.0.5"
+__version__="2.1.0"
--- a/mfa/models.py
+++ b/mfa/models.py
@@ -2,7 +2,7 @@ from django.db import models
 from jsonfield import JSONField
 from jose import jwt
 from django.conf import settings
-from jsonLookup import shasLookup
+from jsonLookup import shasLookup, hasLookup
 JSONField.register_lookup(shasLookup)
 JSONField.register_lookup(hasLookup)

--- a/mfa/static/mfa/js/ua-parser.min.js
+++ b/mfa/static/mfa/js/ua-parser.min.js
--- a/mfa/templates/FIDO2/Add.html
+++ b/mfa/templates/FIDO2/Add.html
@@ -2,6 +2,7 @@
 {% load static %}
 {% block head %}
    <script type="application/javascript" src="{% static 'mfa/js/cbor.js'%}"></script>
+    <script type="application/javascript" src="{% static 'mfa/js/ua-parser.min.js'%}"></script>
    <script type="application/javascript">
    function begin_reg(){
    fetch('{% url 'fido2_begin_reg' %}',{}).then(function(response) {
@@ -40,7 +41,17 @@
       $("#res").html("<div class='alert alert-danger'>Registeration Failed as " +reason +", <a href='javascript:void(0)' onclick='begin_reg()'> try again </a> or <a href='{% url 'mfa_home' %}'> Go to Security Home</a></div>")
    })
    }
-    $(document).ready(setTimeout(begin_reg,500))
+    $(document).ready(function (){
+        ua=new UAParser().getResult()
+        if (ua.browser.name == "Safari")
+        {
+                $("#res").html("<button class='btn btn-success' onclick='begin_reg()'>Start...</button>")
+        }
+        else
+        {
+            setTimeout(begin_reg, 500)
+        }
+    })
    </script>

 {% endblock %}
@@ -55,8 +66,8 @@
      <div class="panel-body">


-    <div class="row alert alert-pr" id="res">
-    <p style="color: green">Your broswer should ask you to confirm you indentity.</p>
+    <div class="row alert alert-pr" id="res" align="center">
+    <p style="color: green">Your browser should ask you to confirm you identity.</p>

    </div>
        </div>
--- a/mfa/templates/FIDO2/recheck.html
+++ b/mfa/templates/FIDO2/recheck.html
@@ -1,5 +1,6 @@
 {%  load static %}
 <script type="application/javascript" src="{% static 'mfa/js/cbor.js' %}"></script>
+<script type="application/javascript" src="{% static 'mfa/js/ua-parser.min.js' %}"></script>
 <div class="row">

 <div class="col-sm-10 col-sm-offset-1 col-xs-12 col-md-10 col-md-offset-1 col-lg-8 col-lg-offset-2">
@@ -17,7 +18,9 @@
                    <br/>

            {% endif %}
-                <p style="color: green">please press the button on your security key to prove it is you.</p>
+                <div id="res">
+                    <p style="color: green">please press the button on your security key to prove it is you.</p>
+                </div>
                <div id="msgdiv"></div>
                {% if mode == "auth" %}
                    <form id="u2f_login" action="{% url 'fido2_complete_auth' %}" method="post" enctype="multipart/form-data">
@@ -101,7 +104,11 @@
            $("#main_paragraph").addClass("alert alert-danger")
            $("#main_paragraph").html("FIDO2 must work under secure context")
        } else {
-            authen()
+            ua=new UAParser().getResult()
+            if (ua.browser.name == "Safari")
+                $("#res").html("<button class='btn btn-success' onclick='authen()'>Authenticate...</button>")
+            else
+                authen()
        }
    });

--- a/setup.py
+++ b/setup.py
@@ -4,7 +4,7 @@ from setuptools import find_packages, setup

 setup(
    name='django-mfa2',
-    version='2.0.5',
+    version='2.1.0',
    description='Allows user to add 2FA to their accounts',
    long_description=open("README.md").read(),
    long_description_content_type="text/markdown",
@@ -24,12 +24,12 @@ setup(
        'ua-parser',
        'user-agents',
        'python-jose',
-        'fido2 == 0.8.1',
+        'fido2 == 0.9',
        'jsonLookup'
      ],
    python_requires=">=3.5",
    include_package_data=True,
-      zip_safe=False, # because we're including static files
+    zip_safe=False, # because we're including static files
    classifiers=[
        "Development Status :: 5 - Production/Stable",
        "Environment :: Web Environment",
Author	SHA1	Message	Date
Mohamed El-Kalioby	2709e70f88	Removed Touch ID Beta statment	2021-01-20 17:11:08 +03:00
Mohamed El-Kalioby	25fe80d76d	Merge branch 'master' of github.com:mkalioby/django-mfa2	2021-01-20 17:10:08 +03:00
Mohamed El-Kalioby	ba76f842bb	Fixed README	2021-01-20 17:08:43 +03:00
Mohamed ElKalioby	87e83b3bbe	Updated Changed Log	2021-01-20 16:06:34 +03:00
Mohamed ElKalioby	a94ad50b93	Adding Latest mfa	2021-01-20 16:05:08 +03:00
Mohamed El-Kalioby	75cf1e6130	Update README.md	2021-01-18 19:57:54 +03:00
Mohamed El-Kalioby	911be9e106	Update README.md	2021-01-18 19:56:19 +03:00
Mohamed El-Kalioby	a577c80cc3	Final touches	2021-01-18 19:31:23 +03:00
Mohamed El-Kalioby	66cf103bca	Fixes	2021-01-18 19:12:12 +03:00
Mohamed El-Kalioby	53f936a2c6	Testing Touch ID	2021-01-18 18:53:11 +03:00
Mohamed El-Kalioby	6f4c3e0486	closes #31	2020-12-09 07:45:20 +03:00