Removed Dependability of JSONLookup

Merge pull request #41 from BIZFactoryGmbH/AndreasDickow-patch-postgresql-support-device-register
Andreas dickow patch postgresql support device register
2021-03-05 00:48:01 +03:00 · 2021-03-02 20:03:26 +03:00 · 2021-03-01 08:27:38 +01:00 · 2021-03-01 08:25:48 +01:00 · 2021-03-01 07:44:17 +01:00
7 changed files with 17 additions and 14 deletions
--- a/example/example/settings.py
+++ b/example/example/settings.py
@@ -141,7 +141,7 @@ MFA_RECHECK=True           # Allow random rechecking of the user
 MFA_RECHECK_MIN=10         # Minimum interval in seconds
 MFA_RECHECK_MAX=30         # Maximum in seconds
 MFA_QUICKLOGIN=True        # Allow quick login for returning users by provide only their 2FA
-MFA_HIDE_DISABLE=('FIDO2',)     # Can the user disable his key (Added in 1.2.0).
+MFA_HIDE_DISABLE=()     # Can the user disable his key (Added in 1.2.0).
 TOKEN_ISSUER_NAME="PROJECT_NAME"      #TOTP Issuer name
--- a/example/example/urls.py
+++ b/example/example/urls.py
@@ -16,9 +16,11 @@ Including another URLconf
 from django.contrib import admin
 from django.urls import path,re_path,include
 from . import views,auth
 import mfa
 urlpatterns = [
    path('admin/', admin.site.urls),
    path('mfa/', include('mfa.urls')),
    path('devices/add', mfa.TrustedDevice.add,name="mfa_add_new_trusted_device"),
    path('auth/login',auth.loginView,name="login"),
    path('auth/logout',auth.logoutView,name="logout"),
--- a/mfa/TrustedDevice.py
+++ b/mfa/TrustedDevice.py
@@ -2,7 +2,6 @@ import string
 import random
 from django.shortcuts import render
 from django.http import HttpResponse
 from django.template.context import RequestContext
 from django.template.context_processors import csrf
 from .models import *
 import user_agents
@@ -10,7 +9,7 @@ from django.utils import timezone
 def id_generator(size=6, chars=string.ascii_uppercase + string.digits):
    x=''.join(random.choice(chars) for _ in range(size))
-    if not User_Keys.objects.filter(properties__shas="$.key="+x).exists(): return x
+    if not User_Keys.objects.filter(properties__icontains=x, key_type="Trusted Device").exists(): return x
    else: return id_generator(size,chars)
 def getUserAgent(request):
@@ -19,6 +18,7 @@ def getUserAgent(request):
        tk=User_Keys.objects.get(id=id)
        if tk.properties.get("user_agent","")!="":
            ua = user_agents.parse(tk.properties["user_agent"])
            print(ua.os)
            res = render(None, "TrustedDevices/user-agent.html", context={"ua":ua})
            return HttpResponse(res)
    return HttpResponse("")
@@ -62,13 +62,14 @@ def add(request):
        key=request.POST["key"].replace("-","").replace(" ","").upper()
        context["username"] = request.POST["username"]
        context["key"] = request.POST["key"]
-        trusted_keys=User_Keys.objects.filter(username=request.POST["username"],properties__has="$.key="+key)
+        trusted_keys=User_Keys.objects.filter(username=request.POST["username"],properties__iregex=rf'{key}')
        cookie=False
        if trusted_keys.exists():
            tk=trusted_keys[0]
            request.session["td_id"]=tk.id
            ua=request.META['HTTP_USER_AGENT']
            agent=user_agents.parse(ua)
            print(agent.os)
            if agent.is_pc:
                context["invalid"]="This is a PC, it can't used as a trusted device."
            else:
@@ -124,7 +125,7 @@ def verify(request):
        json= jwt.decode(request.COOKIES.get('deviceid'),settings.SECRET_KEY)
        if json["username"].lower()== request.session['base_username'].lower():
            try:
-                uk = User_Keys.objects.get(username=request.POST["username"].lower(), properties__has="$.key=" + json["key"])
+                uk = User_Keys.objects.get(username=request.POST["username"].lower(), properties__properties__iregex=rf'{json["key"]}')
                if uk.enabled and uk.properties["status"] == "trusted":
                    uk.last_used=timezone.now()
                    uk.save()
--- a/mfa/U2F.py
+++ b/mfa/U2F.py
@@ -52,7 +52,7 @@ def validate(request,username):
    challenge = request.session.pop('_u2f_challenge_')
    device, c, t = complete_authentication(challenge, data, [settings.U2F_APPID])
-    key=User_Keys.objects.get(username=username,properties__shas="$.device.publicKey=%s"%device["publicKey"])
+    key = User_Keys.objects.get(username=username,key_type = "U2F", properties__iregex=rf'{device["publicKey"]}')
    key.last_used=timezone.now()
    key.save()
    mfa = {"verified": True, "method": "U2F","id":key.id}
@@ -69,7 +69,7 @@ def auth(request):
    request.session["_u2f_challenge_"]=s[0]
    context["token"]=s[1]
-    return render(request,"U2F/Auth.html")
+    return render(request,"U2F/Auth.html",context)
 def start(request):
    enroll = begin_registration(settings.U2F_APPID, [])
--- a/mfa/models.py
+++ b/mfa/models.py
@@ -2,9 +2,6 @@ from django.db import models
 from jsonfield import JSONField
 from jose import jwt
 from django.conf import settings
 from jsonLookup import shasLookup, hasLookup
 JSONField.register_lookup(shasLookup)
 JSONField.register_lookup(hasLookup)
 class User_Keys(models.Model):
--- a/mfa/urls.py
+++ b/mfa/urls.py
@@ -1,10 +1,11 @@
 from . import views,totp,U2F,TrustedDevice,helpers,FIDO2,Email
-#app_name='mfa'
+
 try:
    from django.urls import  re_path as url
 except:
     from django.conf.urls import  url
 urlpatterns = [
    url(r'totp/start/', totp.start , name="start_new_otop"),
    url(r'totp/getToken', totp.getToken , name="get_new_otop"),
@@ -39,6 +40,7 @@ urlpatterns = [
    url(r'u2f/secure_device', TrustedDevice.getCookie, name="td_securedevice"),
    url(r'^$', views.index, name="mfa_home"),
    url(r'devices/add$', TrustedDevice.add,name="mfa_add_new_trusted_device"),
    url(r'goto/(.*)', views.goto, name="mfa_goto"),
    url(r'selct_method', views.show_methods, name="mfa_methods_list"),
    url(r'recheck', helpers.recheck, name="mfa_recheck"),
--- a/setup.py
+++ b/setup.py
@@ -4,7 +4,7 @@ from setuptools import find_packages, setup
 setup(
    name='django-mfa2',
-    version='2.1.2',
+    version='2.2.0b1',
    description='Allows user to add 2FA to their accounts',
    long_description=open("README.md").read(),
    long_description_content_type="text/markdown",
@@ -25,13 +25,14 @@ setup(
        'user-agents',
        'python-jose',
        'fido2 == 0.9.1',
-        'jsonLookup'
+     #   'jsonLookup'
      ],
    python_requires=">=3.5",
    include_package_data=True,
    zip_safe=False, # because we're including static files
    classifiers=[
-        "Development Status :: 5 - Production/Stable",
+        "Development Status :: 4 - Beta",
        #"Development Status :: 5 - Production/Stable",
        "Environment :: Web Environment",
        "Framework :: Django",
        "Framework :: Django :: 1.11",
Author	SHA1	Message	Date
Mohamed ElKalioby	23377abfa6	Removed Dependability of JSONLookup	2021-03-05 00:48:01 +03:00
Mohamed El-Kalioby	ba9dfc4d36	Merge pull request #41 from BIZFactoryGmbH/AndreasDickow-patch-postgresql-support-device-register Andreas dickow patch postgresql support device register	2021-03-02 20:03:26 +03:00
BIZ Factory GmbH	600ef2421a	Update TrustedDevice.py add postgresql support	2021-03-01 08:27:38 +01:00
BIZ Factory GmbH	4fbe88b90f	Update U2F.py fix get instead of filter in function call	2021-03-01 08:25:48 +01:00
BIZ Factory GmbH	a48ae253d6	Update U2F.py	2021-03-01 07:44:17 +01:00