90 lines
3.3 KiB
HTML
90 lines
3.3 KiB
HTML
{% load static %}
|
|
<script type="application/javascript" src="{% static 'mfa/js/base64url.js' %}"></script>
|
|
<script type="application/javascript" src="{% static 'mfa/js/helpers.js' %}"></script>
|
|
<script type="application/javascript" src="{% static 'mfa/js/ua-parser.min.js' %}"></script>
|
|
<script type="text/javascript">
|
|
var GetAssertReq = (getAssert) => {
|
|
getAssert.publicKey.challenge = base64url.decode(getAssert.publicKey.challenge);
|
|
|
|
for(let allowCred of getAssert.publicKey.allowCredentials) {
|
|
allowCred.id = base64url.decode(allowCred.id);
|
|
}
|
|
|
|
return getAssert
|
|
}
|
|
function authen(conditionalUI=false)
|
|
{
|
|
if (window.hasOwnProperty("getCredSignal"))
|
|
window.getCredSignal.abort('Restarting');
|
|
window.getCredSignal = new AbortController();
|
|
fetch('{% url 'fido2_begin_auth' %}', {
|
|
method: 'GET',
|
|
}).then(function(response) {
|
|
if(response.ok) {
|
|
return response.json().then(function (req){
|
|
return GetAssertReq(req)
|
|
});
|
|
}
|
|
throw new Error('No credential available to authenticate!');
|
|
}).then(function(options) {
|
|
console.log(options)
|
|
if (conditionalUI) {
|
|
options.mediation = 'conditional';
|
|
}
|
|
options.signal = window.getCredSignal.signal;
|
|
return navigator.credentials.get(options);
|
|
}).then(function(assertion) {
|
|
|
|
|
|
return fetch('{% url 'fido2_complete_auth' %}', {
|
|
|
|
method: 'POST',
|
|
headers: {'Content-Type': 'application/json'},
|
|
body:JSON.stringify(publicKeyCredentialToJSON(assertion)),
|
|
|
|
}).then(function (response) {if (response.ok) return res = response.json()}).then(function (res) {
|
|
if (res.status=="OK")
|
|
{
|
|
$("#msgdiv").addClass("alert alert-success").removeClass("alert-danger")
|
|
$("#msgdiv").html("Verified....please wait")
|
|
{% if mode == "auth" or mode == None %}
|
|
window.location.href=res.redirect;
|
|
{% elif mode == "recheck" %}
|
|
mfa_success_function();
|
|
{% endif %}
|
|
}
|
|
else {
|
|
$("#msgdiv").addClass("alert alert-danger").removeClass("alert-success")
|
|
$("#msgdiv").html("Verification Failed as " + res.message + ", <a href='javascript:void(0)' onclick='authen())'> try again</a> or <a href='javascript:void(0)' onclick='history.back()'> Go Back</a>")
|
|
|
|
{% if mode == "auth" %}
|
|
|
|
{% elif mode == "recheck" %}
|
|
|
|
mfa_failed_function();
|
|
{% endif %}
|
|
}
|
|
})
|
|
|
|
})
|
|
|
|
}
|
|
$(document).ready(function () {
|
|
if (location.protocol != 'https:') {
|
|
$("#main_paragraph").addClass("alert alert-danger")
|
|
$("#main_paragraph").html("FIDO2 must work under secure context")
|
|
} else {
|
|
ua=new UAParser().getResult()
|
|
if (ua.browser.name == "Safari" || ua.browser.name == "Mobile Safari" || ua.os.name == "iOS" || ua.os.name == "iPadOS")
|
|
$("#res").html("<button class='btn btn-success' onclick='authen()'>Authenticate...</button>")
|
|
else {
|
|
{% if delay != True and not conditionalUI%}
|
|
authen()
|
|
{% endif %}
|
|
}
|
|
}
|
|
});
|
|
|
|
|
|
|
|
</script> |