mirror of
https://github.com/simple-login/app.git
synced 2024-09-20 15:05:59 +08:00
redirect user to recovery codes page after MFA setup. Remove all recovery codes when user is no more MFA.
parent
3f7842ed3e
commit
043ecd4fac
|
@ -5,6 +5,7 @@ from wtforms import PasswordField, validators
|
|||
|
||||
from app.dashboard.base import dashboard_bp
|
||||
from app.extensions import db
|
||||
from app.models import RecoveryCode
|
||||
|
||||
|
||||
class LoginForm(FlaskForm):
|
||||
|
@ -29,6 +30,11 @@ def fido_cancel():
|
|||
current_user.fido_sign_count = None
|
||||
current_user.fido_credential_id = None
|
||||
db.session.commit()
|
||||
|
||||
# user does not have any 2FA enabled left, delete all recovery codes
|
||||
if not current_user.two_factor_authentication_enabled():
|
||||
RecoveryCode.empty(current_user)
|
||||
|
||||
flash("We've unlinked your security key.", "success")
|
||||
return redirect(url_for("dashboard.index"))
|
||||
else:
|
||||
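Review bot: In `fido_cancel`, `RecoveryCode.empty(current_user)` runs only after `db.session.commit()` has already persisted the removal of the security key, so disabling the factor and deleting the codes are not atomic. If the cleanup raises or the request dies in between, the account keeps stored recovery codes with no second factor, and those stale codes would presumably be accepted again once the user re-enables 2FA. Consider moving the `if not current_user.two_factor_authentication_enabled():` check and the `RecoveryCode.empty(current_user)` call above `db.session.commit()` so both changes land together; this assumes `RecoveryCode.empty` can take part in the caller's transaction, which is not visible here. The same ordering appears in `mfa_cancel`, and both function bodies continue outside their hunks.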
|
|
|
@ -68,8 +68,7 @@ def fido_setup():
|
|||
db.session.commit()
|
||||
|
||||
flash("Security key has been activated", "success")
|
||||
|
||||
return redirect(url_for("dashboard.index"))
|
||||
return redirect(url_for("dashboard.recovery_code_route"))
|
||||
|
||||
# Prepare information for key registration process
|
||||
fido_uuid = str(uuid.uuid4())
|
||||
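Review bot: The new `return redirect(url_for("dashboard.recovery_code_route"))` in `fido_setup` has no comment saying why enrolment ends on that page, and the hunk does not show what the route does for a user who already holds codes from another second factor. If the route issues a fresh set on each visit, adding a security key to an account that already has TOTP (or the reverse, in `mfa_setup`) would presumably invalidate codes the user has already saved; that is worth confirming against the route's implementation. A short comment such as `# show recovery codes right after enrolment so a lost key does not lock the user out` would record the intent in both functions. `fido_setup` starts and ends outside the hunk.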
|
|
|
@ -6,6 +6,7 @@ from wtforms import StringField, validators
|
|||
|
||||
from app.dashboard.base import dashboard_bp
|
||||
from app.extensions import db
|
||||
from app.models import RecoveryCode
|
||||
|
||||
|
||||
class OtpTokenForm(FlaskForm):
|
||||
|
@ -29,6 +30,11 @@ def mfa_cancel():
|
|||
current_user.enable_otp = False
|
||||
current_user.otp_secret = None
|
||||
db.session.commit()
|
||||
|
||||
# user does not have any 2FA enabled left, delete all recovery codes
|
||||
if not current_user.two_factor_authentication_enabled():
|
||||
RecoveryCode.empty(current_user)
|
||||
|
||||
flash("MFA is now disabled", "warning")
|
||||
return redirect(url_for("dashboard.index"))
|
||||
else:
|
||||
|
|
|
@ -36,7 +36,8 @@ def mfa_setup():
|
|||
current_user.enable_otp = True
|
||||
db.session.commit()
|
||||
flash("MFA has been activated", "success")
|
||||
return redirect(url_for("dashboard.index"))
|
||||
|
||||
return redirect(url_for("dashboard.recovery_code_route"))
|
||||
else:
|
||||
flash("Incorrect token", "warning")
|
||||
|
||||
|
|