1
0
mirror of https://github.com/dkmstr/openuds.git synced 2024-12-22 13:34:04 +03:00

Several Minor MFA fixes

This commit is contained in:
Adolfo Gómez García 2023-02-24 14:25:59 +01:00
parent e47e0ee69f
commit a7ae7d3771
No known key found for this signature in database
GPG Key ID: DD1ABF20724CDA23
5 changed files with 22 additions and 4 deletions

View File

@ -188,7 +188,7 @@ class RadiusOTP(mfas.MFA):
raise Exception('User not allowed to login')
def emptyIndentifierAllowedToLogin(self, request: 'ExtendedHttpRequest') -> typing.Optional[bool]:
return self.checkAction(self.allowLoginWithoutMFA.value, request)
return None
def label(self) -> str:
return gettext('OTP Code')

View File

@ -50,6 +50,8 @@ if typing.TYPE_CHECKING:
logger = logging.getLogger(__name__)
TOTP_INTERVAL = 30 # Seconds between codes
class TOTP_MFA(mfas.MFA):
'''
@ -159,9 +161,15 @@ class TOTP_MFA(mfas.MFA):
def _saveUserData(self, userId: str, data: typing.Tuple[str, bool]) -> None:
self.storage.putPickle(userId, data)
def _removeUserData(self, userId: str) -> None:
self.storage.remove(userId)
def getTOTP(self, userId: str, username: str) -> pyotp.TOTP:
return pyotp.TOTP(
self._userData(userId)[0], issuer=self.issuer.value, name=username
self._userData(userId)[0],
issuer=self.issuer.value,
name=username,
interval=TOTP_INTERVAL,
)
def html(self, request: 'ExtendedHttpRequest', userId: str, username: str) -> str:
@ -217,6 +225,11 @@ class TOTP_MFA(mfas.MFA):
if self.askForOTP(request) is False:
return
if self.cache.get(userId + code) is not None:
raise exceptions.MFAError(
gettext('Code is already used. Wait a minute and try again.')
)
# Get data from storage related to this user
secret, qrShown = self._userData(userId)
@ -226,7 +239,12 @@ class TOTP_MFA(mfas.MFA):
):
raise exceptions.MFAError(gettext('Invalid code'))
self.cache.put(userId + code, True, self.validWindow.num() * (TOTP_INTERVAL + 1))
if qrShown is False:
self._saveUserData(
userId, (secret, True)
) # Update user data to show QR code only once
def resetData(self, userId: str) -> None:
self._removeUserData(userId)

Binary file not shown.

Before

Width:  |  Height:  |  Size: 3.5 KiB

After

Width:  |  Height:  |  Size: 14 KiB

File diff suppressed because one or more lines are too long

View File

@ -99,7 +99,7 @@
</svg>
</div>
</uds-root>
<script src="/uds/res/admin/runtime.js?stamp=1677185473" defer></script><script src="/uds/res/admin/polyfills-es5.js?stamp=1677185473" nomodule defer></script><script src="/uds/res/admin/polyfills.js?stamp=1677185473" defer></script><script src="/uds/res/admin/main.js?stamp=1677185473" defer></script>
<script src="/uds/res/admin/runtime.js?stamp=1677244945" defer></script><script src="/uds/res/admin/polyfills-es5.js?stamp=1677244945" nomodule defer></script><script src="/uds/res/admin/polyfills.js?stamp=1677244945" defer></script><script src="/uds/res/admin/main.js?stamp=1677244945" defer></script>
</body></html>