Fixing TOTP login flow
This commit is contained in:
parent
4e77e77296
commit
2cb4900a55
4 changed files with 10 additions and 3 deletions
|
@ -13,6 +13,9 @@ class TOTPLoginForm(forms.Form):
|
||||||
self.user_cache = None
|
self.user_cache = None
|
||||||
super().__init__(*args, **kwargs)
|
super().__init__(*args, **kwargs)
|
||||||
|
|
||||||
|
def get_user(self):
|
||||||
|
return self.user_cache
|
||||||
|
|
||||||
def clean_token(self):
|
def clean_token(self):
|
||||||
token = str(self.cleaned_data.get('token')).zfill(6)
|
token = str(self.cleaned_data.get('token')).zfill(6)
|
||||||
|
|
||||||
|
@ -20,7 +23,7 @@ class TOTPLoginForm(forms.Form):
|
||||||
user = self.request.user
|
user = self.request.user
|
||||||
else:
|
else:
|
||||||
sessionid = self.request.session["AuthSession"]
|
sessionid = self.request.session["AuthSession"]
|
||||||
session = AuthSession.objects.get(sessionid)
|
session = AuthSession.objects.get(id=sessionid)
|
||||||
user = session.user
|
user = session.user
|
||||||
|
|
||||||
if user.totpsecret.verify(token):
|
if user.totpsecret.verify(token):
|
||||||
|
|
|
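Review bot: `AuthSession.objects.get(id=sessionid)` still raises `AuthSession.DoesNotExist` when the stored id no longer matches a row, and the preceding `self.request.session["AuthSession"]` raises `KeyError` when the key is absent, so a request that reaches this form with missing or stale pre-auth state produces a server error instead of a form error. Wrap the lookup and convert both cases, e.g. `except (KeyError, AuthSession.DoesNotExist): raise forms.ValidationError("Login session expired, please sign in again")`, so the failure is reported to the user and can be logged as a normal validation failure. The new `get_user` deserves a docstring stating its contract, e.g. `"""Return the user whose TOTP token verified in clean_token(), or None."""` — I am inferring that `user_cache` is set after `verify()` succeeds, since that assignment lies outside the hunk. `clean_token` continues past the end of the hunk.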
@ -17,7 +17,7 @@ class LoginView(OnlyLoggedOutMixin, TitleMixin, DjangoLoginView):
|
||||||
def form_valid(self, form):
|
def form_valid(self, form):
|
||||||
if has_otp(user := form.get_user()):
|
if has_otp(user := form.get_user()):
|
||||||
session = AuthSession.objects.create(user=user)
|
session = AuthSession.objects.create(user=user)
|
||||||
self.request.session["AuthSession"] = session.id
|
self.request.session["AuthSession"] = str(session.id)
|
||||||
return HttpResponseRedirect(reverse_lazy("auth:totplogin"))
|
return HttpResponseRedirect(reverse_lazy("auth:totplogin"))
|
||||||
|
|
||||||
self.request.session["LastActivity"] = timezone.now().timestamp()
|
self.request.session["LastActivity"] = timezone.now().timestamp()
|
||||||
|
|
|
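Review bot: The OTP branch writes `str(session.id)` into the session and redirects without rotating the session key; on this branch Django's `login()` (which normally calls `cycle_key()`) is not reached within the visible lines, so a session id that existed before the password check now carries the half-authenticated `AuthSession` handle. Add `self.request.session.cycle_key()` immediately before `self.request.session["AuthSession"] = str(session.id)`, unless `login()` is invoked on this path outside the hunk. The `str()` wrapper presumably exists because `session.id` is not JSON-serializable by the session backend; a comment such as `# str(): the session serializer cannot encode the raw id` would stop it being reverted as redundant. The remainder of `form_valid`, including the non-OTP path, lies outside the hunk.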
@ -9,6 +9,7 @@ from frontend.mixins.views import TitleMixin
|
||||||
class TOTPLoginView(TitleMixin, AuthSessionRequiredMixin, LoginView):
|
class TOTPLoginView(TitleMixin, AuthSessionRequiredMixin, LoginView):
|
||||||
form_class = TOTPLoginForm
|
form_class = TOTPLoginForm
|
||||||
title = "Verify"
|
title = "Verify"
|
||||||
|
template_name = "auth/totplogin.html"
|
||||||
|
|
||||||
def form_valid(self, form):
|
def form_valid(self, form):
|
||||||
self.request.session["LastActivity"] = timezone.now().timestamp()
|
self.request.session["LastActivity"] = timezone.now().timestamp()
|
||||||
|
|
|
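Review bot: Within the visible lines, `form_valid` records `LastActivity` but does not remove the `"AuthSession"` key or delete the matching `AuthSession` row once the TOTP check has passed; if that cleanup is also absent from the part of the method outside the hunk, the pre-auth handle remains valid after login for as long as the row exists, and `AuthSessionRequiredMixin` would keep admitting it. Add `session_id = self.request.session.pop("AuthSession", None)` and `AuthSession.objects.filter(id=session_id).delete()` after validation succeeds, and consider a creation timestamp on the model so stale rows can be expired. The body of `form_valid` and the mixin are outside the hunk, so this may already be handled there.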
@ -1,7 +1,10 @@
|
||||||
from django.contrib import admin
|
from django.contrib import admin
|
||||||
from django.urls import path, re_path, include
|
from django.urls import path, re_path, include, reverse_lazy
|
||||||
|
from django.views.generic import RedirectView
|
||||||
|
|
||||||
|
|
||||||
urlpatterns = [
|
urlpatterns = [
|
||||||
|
path('admin/login/', RedirectView.as_view(url=reverse_lazy("auth:login", query_string=True))),
|
||||||
path('admin/', admin.site.urls),
|
path('admin/', admin.site.urls),
|
||||||
re_path(r'^openid/', include('oidc_provider.urls', namespace='oidc_provider')),
|
re_path(r'^openid/', include('oidc_provider.urls', namespace='oidc_provider')),
|
||||||
path('auth/', include(("authentication.urls", "auth"))),
|
path('auth/', include(("authentication.urls", "auth"))),
|
||||||
|
|
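Review bot: `query_string=True` is passed to `reverse_lazy`, but `reverse()` accepts no such argument, so as far as I can tell the lazy reverse raises `TypeError` the first time `/admin/login/` is resolved; `query_string` is a `RedirectView` attribute and belongs in `as_view()`: `path('admin/login/', RedirectView.as_view(url=reverse_lazy("auth:login"), query_string=True)),`. Forwarding the query string is what carries the admin's `next` parameter to the custom login view, so keep it once moved; the target `LoginView` is expected to keep validating `next` against allowed hosts, as Django's `LoginView` does. The `urlpatterns` list continues past the end of the hunk.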