CGM_Public/pretix_cgo
1
0
Fork 0
forked from CGM_Public/pretix_original
Code Pull Requests Actions Activity

2FA: Implement emergency tokens

Browse Source
This commit is contained in:
Raphael Michel
2016-10-08 15:16:42 +02:00
parent 68a9f98f23
commit 582d9dca25
6 changed files with 72 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
src/pretix/control/views/user.py
View File

@@ -6,9 +6,11 @@ from django.contrib import messages
from django.contrib.auth import update_session_auth_hash
from django.core.urlresolvers import reverse
from django.shortcuts import get_object_or_404, redirect
from django.utils.crypto import get_random_string
from django.utils.functional import cached_property
from django.utils.translation import ugettext_lazy as _
from django.views.generic import FormView, TemplateView, UpdateView
from django_otp.plugins.otp_static.models import StaticDevice
from django_otp.plugins.otp_totp.models import TOTPDevice
from pretix.base.forms.user import User2FADeviceAddForm, UserSettingsForm
@@ -51,6 +53,14 @@ class User2FAMainView(TemplateView):
def get_context_data(self, **kwargs):
ctx = super().get_context_data()
try:
ctx['static_tokens'] = StaticDevice.objects.get(user=self.request.user, name='emergency').token_set.all()
except StaticDevice.DoesNotExist:
d = StaticDevice.objects.create(user=self.request.user, name='emergency')
for i in range(10):
d.token_set.create(token=get_random_string(length=12, allowed_chars='1234567890'))
ctx['static_tokens'] = d.token_set.all()
ctx['devices'] = []
for dt in REAL_DEVICE_TYPES:
objs = list(dt.objects.filter(user=self.request.user, confirmed=True))
@@ -158,3 +168,16 @@ class User2FADisableView(TemplateView):
self.request.user.save()
messages.success(request, _('Two-factor authentication is now disabled for your account.'))
return redirect(reverse('control:user.settings.2fa'))
class User2FARegenerateEmergencyView(TemplateView):
template_name = 'pretixcontrol/user/2fa_regenermergency.html'
def post(self, request, *args, **kwargs):
d = StaticDevice.objects.get(user=self.request.user, name='emergency')
d.token_set.all().delete()
for i in range(10):
d.token_set.create(token=get_random_string(length=12, allowed_chars='1234567890'))
messages.success(request, _('Your emergency codes have been newly generated. Remember to store them in a safe '
'place in case you lose access to your devices.'))
return redirect(reverse('control:user.settings.2fa'))