Commit0ac2cb9

committed
Fixed DB error caused by size_of_recovery_code larger than DB field size.
More consistently redirect to LOGIN_REDIRECT_URL.
Call resolve_url on LOGIN_REDIRECT_URL to support different types, consistent with internal Django use.
1 parent1cc4b30 commit0ac2cb9


2 files changed

+11
-8
lines changed


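--- a/django_mfa/models.py
+++ b/django_mfa/models.py
@@ -22,11 +22,11 @@ def is_mfa_enabled(user):
 """
 returnhasattr(user,'userotp')
 
-
+MFA_RECOVERY_CODE_LENGTH=10
 classUserRecoveryCodes(models.Model):
 user=models.ForeignKey(UserOTP,
 on_delete=models.CASCADE)
-secret_code=models.CharField(max_length=10)
+secret_code=models.CharField(max_length=MFA_RECOVERY_CODE_LENGTH)
 
 
 classU2FKey(models.Model):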
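Review bot: Setting `MFA_RECOVERY_CODE_LENGTH=10` fixes the column overflow by shortening every recovery code from 16 to 10 characters instead of widening `secret_code`, which shrinks the keyspace of a credential that stands in for the second factor. If the shorter length is not a deliberate choice, keeping the old size with `MFA_RECOVERY_CODE_LENGTH = 16` plus a schema migration for the field would fix the DB error without weakening the codes. A comment above the constant, for example `# Length of each recovery code; shared with the generator in views.py and bounded by secret_code.max_length`, would record why the two must stay in step. The field also appears to store the code verbatim in a `CharField`; whether it is hashed before saving is not visible in this section and is worth confirming.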

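--- a/django_mfa/views.py
+++ b/django_mfa/views.py
@@ -19,7 +19,6 @@
 fromu2flib_serverimportu2f
 from .formsimport*
 
-
 classOriginMixin(object):
 defget_origin(self):
 return'{scheme}://{host}'.format(
@@ -92,6 +91,7 @@ def _generate_cookie_salt(user):
 try:
 otp_=UserOTP.objects.get(user=user)
 exceptUserOTP.DoesNotExist:
+# TODO: probably needs to be return ''. Can't remember why though
 returnNone
 # out of paranoia only use half the secret to generate the salt
 uselen=int(len(otp_.secret_key)/2)
@@ -156,7 +156,7 @@ def disable_mfa(request):
 user_mfa.delete()
 messages.success(
 request,"You have successfully disabled multi-factor authentication on your account.")
-response=redirect(reverse('mfa:configure_mfa'))
+response=redirect(settings.LOGIN_REDIRECT_URL)
 returndelete_rmb_cookie(request,response)
 returnrender(request,'django_mfa/disable_mfa.html')
 
@@ -206,7 +206,7 @@ def verify_second_factor_totp(request):
 
 defgenerate_user_recovery_codes(user_id):
 no_of_recovery_codes=10
-size_of_recovery_code=16
+size_of_recovery_code=MFA_RECOVERY_CODE_LENGTH
 recovery_codes_list= []
 chars=string.ascii_uppercase+string.digits+string.ascii_lowercase
 while(no_of_recovery_codes>0):
@@ -231,7 +231,7 @@ def recovery_codes(request):
 user=UserOTP.objects.get(user=request.user.id))
 else:
 codes=generate_user_recovery_codes(request.user.id)
-next_url=settings.LOGIN_REDIRECT_URL
+next_url=resolve_url(settings.LOGIN_REDIRECT_URL)
 returnrender(request,"django_mfa/recovery_codes.html", {"codes":codes,"next_url":next_url})
 else:
 returnHttpResponse("please enable twofactor_authentication!")
@@ -242,9 +242,12 @@ def verify_second_factor(request):
 ifrequest.method=="GET":
 twofactor_enabled=is_mfa_enabled(request.user)
 u2f_enabled=is_u2f_enabled(request.user)
-iftwofactor_enabledoru2f_enabled:
+iftwofactor_enabledandu2f_enabled:
 returnrender(request,'django_mfa/verify_second_factor.html', {"u2f_enabled":u2f_enabled,"twofactor_enabled":twofactor_enabled})
-
+ifu2f_enabled:
+returnredirect("mfa:verify_second_factor_u2f")
+iftwofactor_enabled:
+returnredirect("mfa:verify_second_factor_totp")
 
 @login_required
 defrecovery_codes_download(request):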
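Review bot: `verify_second_factor` still has no return for a GET request where neither factor is enabled, and, as far as the flattened listing shows, none for non-GET requests either. After the new `if twofactor_enabled:` redirect the view falls through and returns `None`, which Django reports as a server error rather than a controlled response. An explicit final line such as `return redirect(settings.LOGIN_REDIRECT_URL)` would close that path; the right destination depends on how the rest of the login flow enforces MFA, so the target is only a suggestion. Separately, no hunk in this file adds an import for `resolve_url` or `MFA_RECOVERY_CODE_LENGTH`; they presumably arrive through imports outside the hunks, and importing them by name would make that dependency visible. The view's opening lines are outside the hunk.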
