josh/django-mfa2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: josh:v3.0
Branches Tags
josh:master josh:black josh:dev josh:dependabot/pip/fido2-1.1.1 josh:ConditionalUI josh:v3.0 josh:MoreOptions josh:CVE-2022-42731 josh:v2.5.2 josh:v2.6.1 josh:v2.5.1 josh:recovery_codes josh:v2.6.0 josh:v2.6.0rc1 josh:v2.5b2 josh:v2.5b1 josh:fido==1.0.0 josh:v2.5 josh:ResidentKey josh:v2.4.0 josh:v2.3.0 josh:v2.2.1 josh:Better_TOTP josh:v2.2.0 josh:passwordless josh:redirect josh:Postgres josh:Issue_37 josh:TouchID_4_1.8 josh:TouchID josh:django-1.8 josh:example
josh:v2.8 josh:v2.6.1-release josh:v2.5.1-release josh:v2.6.0-release josh:v2.6rc1 josh:v2.5 josh:v2.5b1 josh:v2.4.0 josh:v2.3.0 josh:v2.2.0 josh:v2.1.0 josh:v2.1.0b1 josh:v2.0.5 josh:v2.0.3 josh:v2.0.1 josh:v2.0 josh:v1.9 josh:v1.7.11 josh:v1.6 josh:v1.3 josh:v1.1.6 josh:v1.1 josh:v1.0.4 josh:0.9
..
compare: josh:ConditionalUI
Branches Tags
josh:master josh:black josh:dev josh:dependabot/pip/fido2-1.1.1 josh:ConditionalUI josh:v3.0 josh:MoreOptions josh:CVE-2022-42731 josh:v2.5.2 josh:v2.6.1 josh:v2.5.1 josh:recovery_codes josh:v2.6.0 josh:v2.6.0rc1 josh:v2.5b2 josh:v2.5b1 josh:fido==1.0.0 josh:v2.5 josh:ResidentKey josh:v2.4.0 josh:v2.3.0 josh:v2.2.1 josh:Better_TOTP josh:v2.2.0 josh:passwordless josh:redirect josh:Postgres josh:Issue_37 josh:TouchID_4_1.8 josh:TouchID josh:django-1.8 josh:example
josh:v2.8 josh:v2.6.1-release josh:v2.5.1-release josh:v2.6.0-release josh:v2.6rc1 josh:v2.5 josh:v2.5b1 josh:v2.4.0 josh:v2.3.0 josh:v2.2.0 josh:v2.1.0 josh:v2.1.0b1 josh:v2.0.5 josh:v2.0.3 josh:v2.0.1 josh:v2.0 josh:v1.9 josh:v1.7.11 josh:v1.6 josh:v1.3 josh:v1.1.6 josh:v1.1 josh:v1.0.4 josh:0.9

4 Commits
v3.0 ... Conditiona

Author SHA1 Message Date
Mohamed El-Kalioby
fcad5d3818 Added Abort Signal 2022-10-17 21:42:36 +03:00
Mohamed El-Kalioby
1cfddde23b Merged v3.0 2022-10-17 21:01:15 +03:00
Mohamed El-Kalioby
0ab710e503 Minor fixes 2022-10-16 20:53:32 +03:00
Mohamed El-Kalioby
52e307ef0e Finished Conditional UI 2022-10-16 19:43:14 +03:00
5 changed files with 55 additions and 8 deletions
Expand all files Collapse all files

19
README.md
View File

@@ -194,6 +194,25 @@ function some_func() {
````
# Using ConditionalUI
![ConditionalUI](img/conditionalUI.png)
ConditionalUI is a cutting-edge feature that allows the user to use the browser autofill feature available in the browser to login using the FIDO2.
Currently available on Safari on iOS 16+, Safari on Ventura, Chrome on Android (Using Play Services Beta), Chrome Canary on Both Mac OS X and Windows.
To Use this feature
1. set `MFA_FIDO2_RESIDENT_KEY` to `mfa.ResidentKey.REQUIRED`
2. set the autocomplete of username field to `username webauth` as follows
```html
<input type="text" name="username" autocomplete="username webauthn" ...>
```
3. Finally, Include `FIDO2/FormFill.html` in your login form
```html
{% include 'FIDO2/FormFill.html' %}
```
# Contributors
* [mahmoodnasr](https://github.com/mahmoodnasr)
* [d3cline](https://github.com/d3cline)

9
example/example/templates/login.html
View File

@@ -33,7 +33,7 @@
{% csrf_token %}
<div class="form-group">
<div class="form-label-group">
<input type="text" id="inputUsername" name="username" class="form-control" placeholder="username" required="required" autofocus="autofocus">
<input type="text" id="inputUsername" name="username" class="form-control" placeholder="username" required autofocus autocomplete="username webauthn">
<label for="inputUsername">Username</label>
</div>
</div>
@@ -46,8 +46,9 @@
<button class="btn btn-primary btn-block" type="submit">Login</button><br/>
<button class="btn btn-primary btn-block" type="button" onclick="authen()">Login By Security Key</button>
</form>
<button class="btn btn-primary btn-block" onclick="authen()">Login By PassKeys</button><br/>
</div>
</div>
</div>
@@ -58,7 +59,9 @@
<!-- Core plugin JavaScript-->
<script src="{% static 'vendor/jquery-easing/jquery.easing.min.js'%}"></script>
{% include 'FIDO2/Auth_JS.html'%}
{% include 'FIDO2/FormFill.html' %}
{# {% include 'FIDO2/Auth_JS.html' with delay=True %}#}
</body>
</html>

BIN
img/conditionalUI.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 111 KiB

20
mfa/templates/FIDO2/Auth_JS.html
View File

@@ -12,8 +12,11 @@ var GetAssertReq = (getAssert) => {
return getAssert
}
function authen()
function authen(conditionalUI=false)
{
if (window.hasOwnProperty("getCredSignal"))
window.getCredSignal.abort('Restarting');
window.getCredSignal = new AbortController();
fetch('{% url 'fido2_begin_auth' %}', {
method: 'GET',
}).then(function(response) {
@@ -23,9 +26,13 @@ var GetAssertReq = (getAssert) => {
});
}
throw new Error('No credential available to authenticate!');
}).then(function(options) {
}).then(function(options) {
console.log(options)
return navigator.credentials.get(options);
if (conditionalUI) {
options.mediation = 'conditional';
}
options.signal = window.getCredSignal.signal;
return navigator.credentials.get(options);
}).then(function(assertion) {
@@ -70,8 +77,11 @@ var GetAssertReq = (getAssert) => {
ua=new UAParser().getResult()
if (ua.browser.name == "Safari" || ua.browser.name == "Mobile Safari" || ua.os.name == "iOS" || ua.os.name == "iPadOS")
$("#res").html("<button class='btn btn-success' onclick='authen()'>Authenticate...</button>")
else
authen()
else {
{% if delay != True and not conditionalUI%}
authen()
{% endif %}
}
}
});

15
mfa/templates/FIDO2/FormFill.html Normal file
View File

@@ -0,0 +1,15 @@
<script type="application/javascript">
$(document).ready(async function () {
if (window.PublicKeyCredential &&
PublicKeyCredential.isConditionalMediationAvailable
)
{
// Check if conditional mediation is available.
const isCMA = await PublicKeyCredential.isConditionalMediationAvailable()
if (isCMA) {
authen(true);
}
}
})
</script>
{% include 'FIDO2/Auth_JS.html' %}