app/templates/auth/fido.html

89 lines
2.8 KiB
HTML
Raw Normal View History

2020-05-05 20:03:29 +08:00
{% extends "single.html" %}
{% block title %}
Verify Your Security Key
{% endblock %}
{% block head %}
<script src="{{ url_for('static', filename='assets/js/vendors/base64.js') }}"></script>
<script src="{{ url_for('static', filename='assets/js/vendors/webauthn.js') }}"></script>
{% endblock %}
{% block single_content %}
2020-05-12 05:22:06 +08:00
<div class="card">
<div class="card-body">
2020-05-05 20:03:29 +08:00
2020-05-12 05:22:06 +08:00
<div class="mb-2">
Your account is protected with your security key (WebAuthn). <br><br>
Follow your browser's steps to continue the sign-in process.
</div>
2020-05-05 20:03:29 +08:00
2020-05-12 05:22:06 +08:00
<form id="formRegisterKey" method="post">
{{ fido_token_form.csrf_token }}
{{ fido_token_form.sk_assertion(class="form-control", placeholder="") }}
2020-05-19 04:45:02 +08:00
<div class="text-center">
<button id="btnVerifyKey" class="btn btn-success mt-2" onclick="verifyKey();">Use your security key</button>
</div>
2020-05-24 03:56:42 +08:00
<div class="form-check">
{{ fido_token_form.remember(class="form-check-input", id="remember") }}
<label class="form-check-label" for="remember">
{{ fido_token_form.remember.description }}
</label>
</div>
2020-05-12 05:22:06 +08:00
</form>
2020-05-19 04:45:02 +08:00
2020-05-05 20:03:29 +08:00
2020-05-12 05:22:06 +08:00
{% if enable_otp %}
<hr>
<div class="text-muted mt-5" style="margin-top: 1em;">
2020-05-12 05:22:06 +08:00
Don't have your key with you? <br> <a href="{{ url_for('auth.mfa') }}">Verify by One-Time Password</a>
</div>
{% endif %}
2020-05-05 20:03:29 +08:00
<hr>
<div class="mt-5">
If you have troubles with your authentication app, you can use the recovery code to login. <br>
<a href="{{ url_for('auth.recovery_route', next=next_url) }}">Use Recovery Codes</a>
</div>
2020-05-12 05:22:06 +08:00
<script>
async function verifyKey() {
$("#btnVerifyKey").prop('disabled', true);
$("#btnVerifyKey").text('Waiting for Security Key...');
2020-05-05 20:03:29 +08:00
2020-05-12 05:22:06 +08:00
const credentialRequestOptions = transformCredentialRequestOptions(
JSON.parse('{{webauthn_assertion_options|tojson|safe}}')
)
2020-05-05 20:03:29 +08:00
2020-05-12 05:22:06 +08:00
let assertion;
try {
assertion = await navigator.credentials.get({
publicKey: credentialRequestOptions
});
} catch (err) {
toastr.error("An error occurred when we trying to verify your key.");
$("#btnVerifyKey").prop('disabled', false);
$("#btnVerifyKey").text('Use your security key');
return console.error("Error when trying to get credential:", err);
}
2020-05-05 20:03:29 +08:00
2020-05-12 05:22:06 +08:00
const skAssertion = transformAssertionForServer(assertion);
$('#sk_assertion').val(JSON.stringify(skAssertion));
$('#formRegisterKey').submit();
}
</script>
2020-05-12 10:17:51 +08:00
{% if auto_activate %}
<script>$('document').ready(verifyKey());</script>
{% endif %}
2020-05-12 05:22:06 +08:00
</div>
2020-05-05 20:03:29 +08:00
</div>
{% endblock %}