Compare commits
7 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
|
f6d25d7a79 | ||
|
|
1f4be15fc5 | ||
|
|
6ea99ff931 | ||
|
660d5ca8f8 | ||
|
|
7cf2df0a1e | ||
|
|
5475a3bf87 | ||
|
|
773a16df50 |
16
CHANGELOG.md
16
CHANGELOG.md
@@ -1,7 +1,21 @@
|
||||
# Change Log
|
||||
## 2.5.0
|
||||
|
||||
* Fixed: issue in the 'Authorize' button don't show on Firefox and Chrome on iOS.
|
||||
Note: It seems Firefox doesn't support WebAuthn on iOS
|
||||
* Fixed: Support for bootstrap5
|
||||
Thanks to @ezrajrice
|
||||
|
||||
## 2.4.0
|
||||
|
||||
* Fixed: issue in the 'Authorize' button don't show on Safari Mobile.
|
||||
* Upgrade to FIDO2 0.9.2, to fix issue with Windows 11.
|
||||
* Fixed: Minor Typos.
|
||||
|
||||
|
||||
## 2.3.0
|
||||
* Fixed: A missing import Thanks @AndreasDickow
|
||||
* Fixed: `MFA.html` now call `{{block.super}}` for head and content blocks
|
||||
* Fixed: `MFA.html` now call `{{block.super}}` for head and content blocks, thanks @mnelson4
|
||||
* Added: #55 introduced `mfa_base.html` which will be extended by `MFA.html` for better styling
|
||||
|
||||
## 2.2.0
|
||||
|
||||
@@ -20,6 +20,8 @@ For FIDO2, the following are supported
|
||||
* **Apple's Touch ID/Face ID** (Chrome 70+ on Mac OS X, Safari on macOS Big Sur, Safari on iOS 14.0+ ),
|
||||
* **android-safetynet** (Chrome 70+, Firefox 68+)
|
||||
* **NFC devices using PCSC** (Not Tested, but as supported in fido2)
|
||||
* **Soft Tokens**
|
||||
* [krypt.co](https://krypt.co/): Login by a notification on your phone.
|
||||
|
||||
In English :), It allows you to verify the user by security keys on PC, Laptops or Mobiles, Windows Hello (Fingerprint, PIN) on Windows 10 Build 1903+ (May 2019 Update) Touch/Face ID on Macbooks (Chrome, Safari), Touch/Face ID on iPhone and iPad and Fingerprint/Face/Iris/PIN on Android Phones.
|
||||
|
||||
@@ -185,6 +187,7 @@ function some_func() {
|
||||
* [willingham](https://github.com/willingham)
|
||||
* [AndreasDickow](https://github.com/AndreasDickow)
|
||||
* [mnelson4](https://github.com/mnelson4)
|
||||
* [ezrajrice](https://github.com/ezrajrice)
|
||||
|
||||
|
||||
# Security contact information
|
||||
|
||||
@@ -25,7 +25,7 @@ SECRET_KEY = '#9)q!_i3@pr-^3oda(e^3$x!kq3b4f33#5l@+=+&vuz+p6gb3g'
|
||||
# SECURITY WARNING: don't run with debug turned on in production!
|
||||
DEBUG = True
|
||||
|
||||
ALLOWED_HOSTS = []
|
||||
ALLOWED_HOSTS = ['*']
|
||||
|
||||
|
||||
# Application definition
|
||||
@@ -146,5 +146,5 @@ MFA_SUCCESS_REGISTRATION_MSG="Go to Home"
|
||||
TOKEN_ISSUER_NAME="PROJECT_NAME" #TOTP Issuer name
|
||||
|
||||
U2F_APPID="https://localhost" #URL For U2F
|
||||
FIDO_SERVER_ID=u"localhost" # Server rp id for FIDO2, it the full domain of your project
|
||||
FIDO_SERVER_NAME=u"PROJECT_NAME"
|
||||
FIDO_SERVER_ID=u"local.mkalioby.com" # Server rp id for FIDO2, it the full domain of your project
|
||||
FIDO_SERVER_NAME=u"TestApp"
|
||||
|
||||
@@ -34,16 +34,16 @@
|
||||
if (res["status"] =='OK')
|
||||
$("#res").html("<div class='alert alert-success'>Registered Successfully, <a href='{{redirect_html}}'> {{reg_success_msg}}</a></div>")
|
||||
else
|
||||
$("#res").html("<div class='alert alert-danger'>Registeration Failed as " + res["message"] + ", <a href='javascript:void(0)' onclick='begin_reg()'> try again or <a href='{% url 'mfa_home' %}'> Go to Security Home</a></div>")
|
||||
$("#res").html("<div class='alert alert-danger'>Registration Failed as " + res["message"] + ", <a href='javascript:void(0)' onclick='begin_reg()'> try again or <a href='{% url 'mfa_home' %}'> Go to Security Home</a></div>")
|
||||
|
||||
|
||||
}, function(reason) {
|
||||
$("#res").html("<div class='alert alert-danger'>Registeration Failed as " +reason +", <a href='javascript:void(0)' onclick='begin_reg()'> try again </a> or <a href='{% url 'mfa_home' %}'> Go to Security Home</a></div>")
|
||||
$("#res").html("<div class='alert alert-danger'>Registration Failed as " +reason +", <a href='javascript:void(0)' onclick='begin_reg()'> try again </a> or <a href='{% url 'mfa_home' %}'> Go to Security Home</a></div>")
|
||||
})
|
||||
}
|
||||
$(document).ready(function (){
|
||||
ua=new UAParser().getResult()
|
||||
if (ua.browser.name == "Safari")
|
||||
if (ua.browser.name == "Safari" || ua.browser.name == "Mobile Safari" )
|
||||
{
|
||||
$("#res").html("<button class='btn btn-success' onclick='begin_reg()'>Start...</button>")
|
||||
}
|
||||
|
||||
@@ -105,7 +105,7 @@
|
||||
$("#main_paragraph").html("FIDO2 must work under secure context")
|
||||
} else {
|
||||
ua=new UAParser().getResult()
|
||||
if (ua.browser.name == "Safari")
|
||||
if (ua.browser.name == "Safari" || ua.browser.name == "Mobile Safari" || ua.os.name == "iOS" || ua.os.name == "iPadOS")
|
||||
$("#res").html("<button class='btn btn-success' onclick='authen()'>Authenticate...</button>")
|
||||
else
|
||||
authen()
|
||||
|
||||
@@ -47,24 +47,24 @@
|
||||
<div class="row">
|
||||
<div align="center">
|
||||
<div class="btn-group">
|
||||
<button class="btn btn-success dropdown-toggle" data-toggle="dropdown">
|
||||
<button class="btn btn-success dropdown-toggle" data-toggle="dropdown" data-bs-toggle="dropdown">
|
||||
Add Method <span class="caret"></span>
|
||||
</button>
|
||||
<ul class="dropdown-menu">
|
||||
{% if not 'TOTP' in UNALLOWED_AUTHEN_METHODS %}
|
||||
<li><a href="{% url 'start_new_otop' %}">Authenticator app</a></li>
|
||||
<li><a class="dropdown-item" href="{% url 'start_new_otop' %}">Authenticator app</a></li>
|
||||
{% endif %}
|
||||
{% if not 'Email' in UNALLOWED_AUTHEN_METHODS %}
|
||||
<li><a href="{% url 'start_email' %}">Email Token</a></li>
|
||||
<li><a class="dropdown-item" href="{% url 'start_email' %}">Email Token</a></li>
|
||||
{% endif %}
|
||||
{% if not 'U2F' in UNALLOWED_AUTHEN_METHODS %}
|
||||
<li><a href="{% url 'start_u2f' %}">Security Key</a></li>
|
||||
<li><a class="dropdown-item" href="{% url 'start_u2f' %}">Security Key</a></li>
|
||||
{% endif %}
|
||||
{% if not 'FIDO2' in UNALLOWED_AUTHEN_METHODS %}
|
||||
<li><a href="{% url 'start_fido2' %}">FIDO2 Security Key</a></li>
|
||||
<li><a class="dropdown-item" href="{% url 'start_fido2' %}">FIDO2 Security Key</a></li>
|
||||
{% endif %}
|
||||
{% if not 'Trusted_Devices' in UNALLOWED_AUTHEN_METHODS %}
|
||||
<li><a href="{% url 'start_td' %}">Trusted Device</a></li>
|
||||
<li><a class="dropdown-item" href="{% url 'start_td' %}">Trusted Device</a></li>
|
||||
{% endif %}
|
||||
</ul>
|
||||
</div>
|
||||
@@ -108,4 +108,4 @@
|
||||
</div>
|
||||
</div>
|
||||
{% include "modal.html" %}
|
||||
{% endblock %}
|
||||
{% endblock %}
|
||||
|
||||
4
setup.py
4
setup.py
@@ -4,7 +4,7 @@ from setuptools import find_packages, setup
|
||||
|
||||
setup(
|
||||
name='django-mfa2',
|
||||
version='2.3.0',
|
||||
version='2.4.0',
|
||||
description='Allows user to add 2FA to their accounts',
|
||||
long_description=open("README.md").read(),
|
||||
long_description_content_type="text/markdown",
|
||||
@@ -24,7 +24,7 @@ setup(
|
||||
'ua-parser',
|
||||
'user-agents',
|
||||
'python-jose',
|
||||
'fido2 == 0.9.1',
|
||||
'fido2 == 0.9.2',
|
||||
'jsonLookup'
|
||||
],
|
||||
python_requires=">=3.5",
|
||||
|
||||
Reference in New Issue
Block a user