Several Minor MFA fixes

2025-01-11 05:17:55 +03:00 · 2023-02-24 14:25:59 +01:00 · 2023-02-24 14:25:59 +01:00 · a7ae7d3771
commit a7ae7d3771
parent e47e0ee69f
5 changed files with 22 additions and 4 deletions
--- a/server/src/uds/mfas/Radius/mfa.py
+++ b/server/src/uds/mfas/Radius/mfa.py
@ -188,7 +188,7 @@ class RadiusOTP(mfas.MFA):
        raise Exception('User not allowed to login')
    def emptyIndentifierAllowedToLogin(self, request: 'ExtendedHttpRequest') -> typing.Optional[bool]:
-        return self.checkAction(self.allowLoginWithoutMFA.value, request)
+        return None
    def label(self) -> str:
        return gettext('OTP Code')
--- a/server/src/uds/mfas/TOTP/mfa.py
+++ b/server/src/uds/mfas/TOTP/mfa.py
@ -50,6 +50,8 @@ if typing.TYPE_CHECKING:
 logger = logging.getLogger(__name__)
 TOTP_INTERVAL = 30  # Seconds between codes
 class TOTP_MFA(mfas.MFA):
    '''
@ -159,9 +161,15 @@ class TOTP_MFA(mfas.MFA):
    def _saveUserData(self, userId: str, data: typing.Tuple[str, bool]) -> None:
        self.storage.putPickle(userId, data)
    def _removeUserData(self, userId: str) -> None:
        self.storage.remove(userId)
    def getTOTP(self, userId: str, username: str) -> pyotp.TOTP:
        return pyotp.TOTP(
-            self._userData(userId)[0], issuer=self.issuer.value, name=username
+            self._userData(userId)[0],
            issuer=self.issuer.value,
            name=username,
            interval=TOTP_INTERVAL,
        )
    def html(self, request: 'ExtendedHttpRequest', userId: str, username: str) -> str:
@ -217,6 +225,11 @@ class TOTP_MFA(mfas.MFA):
        if self.askForOTP(request) is False:
            return
        if self.cache.get(userId + code) is not None:
            raise exceptions.MFAError(
                gettext('Code is already used. Wait a minute and try again.')
            )
        # Get data from storage related to this user
        secret, qrShown = self._userData(userId)
@ -226,7 +239,12 @@ class TOTP_MFA(mfas.MFA):
        ):
            raise exceptions.MFAError(gettext('Invalid code'))
        self.cache.put(userId + code, True, self.validWindow.num() * (TOTP_INTERVAL + 1))
        if qrShown is False:
            self._saveUserData(
                userId, (secret, True)
            )  # Update user data to show QR code only once
    def resetData(self, userId: str) -> None:
        self._removeUserData(userId)
--- a/server/src/uds/mfas/TOTP/totp.png
+++ b/server/src/uds/mfas/TOTP/totp.png
--- a/server/src/uds/static/admin/main.js
+++ b/server/src/uds/static/admin/main.js
--- a/server/src/uds/templates/uds/admin/index.html
+++ b/server/src/uds/templates/uds/admin/index.html
@ -99,7 +99,7 @@
      </svg>
    </div>
  </uds-root>
-<script src="/uds/res/admin/runtime.js?stamp=1677185473" defer></script><script src="/uds/res/admin/polyfills-es5.js?stamp=1677185473" nomodule defer></script><script src="/uds/res/admin/polyfills.js?stamp=1677185473" defer></script><script src="/uds/res/admin/main.js?stamp=1677185473" defer></script>
+<script src="/uds/res/admin/runtime.js?stamp=1677244945" defer></script><script src="/uds/res/admin/polyfills-es5.js?stamp=1677244945" nomodule defer></script><script src="/uds/res/admin/polyfills.js?stamp=1677244945" defer></script><script src="/uds/res/admin/main.js?stamp=1677244945" defer></script>
 </body></html>