Black formatted
parent
0052dad13e
commit
9b8340f3e0
|
@ -40,26 +40,29 @@ def fido():
|
|||
next_url = request.args.get("next")
|
||||
|
||||
webauthn_user = webauthn.WebAuthnUser(
|
||||
user.fido_uuid, user.email, user.name, False,
|
||||
user.fido_credential_id, user.fido_pk, user.fido_sign_count, RP_ID)
|
||||
user.fido_uuid,
|
||||
user.email,
|
||||
user.name,
|
||||
False,
|
||||
user.fido_credential_id,
|
||||
user.fido_pk,
|
||||
user.fido_sign_count,
|
||||
RP_ID,
|
||||
)
|
||||
|
||||
# Handling POST requests
|
||||
if fido_token_form.validate_on_submit():
|
||||
try:
|
||||
sk_assertion = json.loads(fido_token_form.sk_assertion.data)
|
||||
except Exception as e:
|
||||
flash('Key verification failed. Error: Invalid Payload', "warning")
|
||||
flash("Key verification failed. Error: Invalid Payload", "warning")
|
||||
return redirect(url_for("auth.login"))
|
||||
|
||||
challenge = session['fido_challenge']
|
||||
credential_id = sk_assertion['id']
|
||||
|
||||
challenge = session["fido_challenge"]
|
||||
credential_id = sk_assertion["id"]
|
||||
|
||||
webauthn_assertion_response = webauthn.WebAuthnAssertionResponse(
|
||||
webauthn_user,
|
||||
sk_assertion,
|
||||
challenge,
|
||||
SITE_URL,
|
||||
uv_required=False
|
||||
webauthn_user, sk_assertion, challenge, SITE_URL, uv_required=False
|
||||
)
|
||||
|
||||
is_webauthn_verified = False
|
||||
|
@ -67,8 +70,8 @@ def fido():
|
|||
new_sign_count = webauthn_assertion_response.verify()
|
||||
is_webauthn_verified = True
|
||||
except Exception as e:
|
||||
LOG.error(f'An error occurred in WebAuthn verification process: {e}')
|
||||
flash('Key verification failed.', "warning")
|
||||
LOG.error(f"An error occurred in WebAuthn verification process: {e}")
|
||||
flash("Key verification failed.", "warning")
|
||||
|
||||
if is_webauthn_verified:
|
||||
user.fido_sign_count = new_sign_count
|
||||
|
@ -88,17 +91,21 @@ def fido():
|
|||
else:
|
||||
# Verification failed, put else here to make structure clear
|
||||
pass
|
||||
|
||||
|
||||
# Prepare information for key registration process
|
||||
session.pop('challenge', None)
|
||||
session.pop("challenge", None)
|
||||
challenge = secrets.token_urlsafe(32)
|
||||
|
||||
session['fido_challenge'] = challenge.rstrip('=')
|
||||
|
||||
session["fido_challenge"] = challenge.rstrip("=")
|
||||
|
||||
webauthn_assertion_options = webauthn.WebAuthnAssertionOptions(
|
||||
webauthn_user, challenge)
|
||||
webauthn_user, challenge
|
||||
)
|
||||
webauthn_assertion_options = webauthn_assertion_options.assertion_dict
|
||||
|
||||
return render_template("auth/fido.html", fido_token_form=fido_token_form,
|
||||
webauthn_assertion_options=webauthn_assertion_options,
|
||||
enable_otp=user.enable_otp)
|
||||
return render_template(
|
||||
"auth/fido.html",
|
||||
fido_token_form=fido_token_form,
|
||||
webauthn_assertion_options=webauthn_assertion_options,
|
||||
enable_otp=user.enable_otp,
|
||||
)
|
||||
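Review bot: `challenge = session["fido_challenge"]` and `credential_id = sk_assertion["id"]` sit outside the `try` that guards `json.loads`, so a POST with no challenge in the session, or with valid JSON that is not an object carrying `id`, raises instead of taking the "Invalid Payload" path; `fido_setup()` has the same unguarded `session["fido_uuid"]` / `session["fido_challenge"]` reads. Moving both lookups into the existing `try`, or using `session.get("fido_challenge")` and redirecting when it is missing, keeps a malformed request from becoming an unhandled error. Separately, `session.pop("challenge", None)` removes a key the visible code never sets, while the value is stored under `"fido_challenge"`; if the intent is to invalidate the previous challenge it should read `session.pop("fido_challenge", None)`, and the comment above it should say assertion rather than key registration. Whether the challenge is discarded after a successful verification cannot be checked here, because the lines between the second and third hunk are not shown.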
|
|
|
@ -21,7 +21,7 @@ def after_login(user, next_url):
|
|||
if next_url:
|
||||
return redirect(url_for("auth.fido", next_url=next_url))
|
||||
else:
|
||||
return redirect(url_for("auth.fido"))
|
||||
return redirect(url_for("auth.fido"))
|
||||
elif user.enable_otp:
|
||||
session[MFA_USER_ID] = user.id
|
||||
if next_url:
|
||||
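Review bot: `url_for("auth.fido", next_url=next_url)` passes the destination as `next_url`, but `fido()` reads it with `request.args.get("next")`, so unless the route declares a `next_url` variable the post-login destination is lost on the FIDO path. Passing it under the name the view reads, `return redirect(url_for("auth.fido", next=next_url))`, would fix that. `after_login` starts above and continues below this hunk, so the OTP branch cannot be compared from here. The code that finally redirects to `next` is not shown either; it is worth confirming that it only accepts same-site paths.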
|
|
|
@ -55,4 +55,8 @@ def mfa():
|
|||
else:
|
||||
flash("Incorrect token", "warning")
|
||||
|
||||
return render_template("auth/mfa.html", otp_token_form=otp_token_form, enable_fido=(user.fido_uuid is not None))
|
||||
return render_template(
|
||||
"auth/mfa.html",
|
||||
otp_token_form=otp_token_form,
|
||||
enable_fido=(user.fido_uuid is not None),
|
||||
)
|
||||
|
|
|
@ -34,4 +34,6 @@ def fido_cancel():
|
|||
else:
|
||||
flash("Incorrect password", "warning")
|
||||
|
||||
return render_template("dashboard/fido_cancel.html", password_check_form=password_check_form)
|
||||
return render_template(
|
||||
"dashboard/fido_cancel.html", password_check_form=password_check_form
|
||||
)
|
||||
|
|
|
@ -33,25 +33,26 @@ def fido_setup():
|
|||
try:
|
||||
sk_assertion = json.loads(fido_token_form.sk_assertion.data)
|
||||
except Exception as e:
|
||||
flash('Key registration failed. Error: Invalid Payload', "warning")
|
||||
flash("Key registration failed. Error: Invalid Payload", "warning")
|
||||
return redirect(url_for("dashboard.index"))
|
||||
|
||||
fido_uuid = session['fido_uuid']
|
||||
challenge = session['fido_challenge']
|
||||
|
||||
fido_uuid = session["fido_uuid"]
|
||||
challenge = session["fido_challenge"]
|
||||
|
||||
fido_reg_response = webauthn.WebAuthnRegistrationResponse(
|
||||
RP_ID,
|
||||
SITE_URL,
|
||||
sk_assertion,
|
||||
challenge,
|
||||
trusted_attestation_cert_required = False,
|
||||
none_attestation_permitted = True)
|
||||
trusted_attestation_cert_required=False,
|
||||
none_attestation_permitted=True,
|
||||
)
|
||||
|
||||
try:
|
||||
fido_credential = fido_reg_response.verify()
|
||||
except Exception as e:
|
||||
LOG.error(f'An error occurred in WebAuthn registration process: {e}')
|
||||
flash('Key registration failed.', "warning")
|
||||
LOG.error(f"An error occurred in WebAuthn registration process: {e}")
|
||||
flash("Key registration failed.", "warning")
|
||||
return redirect(url_for("dashboard.index"))
|
||||
|
||||
current_user.fido_pk = str(fido_credential.public_key, "utf-8")
|
||||
|
@ -63,24 +64,32 @@ def fido_setup():
|
|||
flash("Security key has been activated", "success")
|
||||
|
||||
return redirect(url_for("dashboard.index"))
|
||||
|
||||
|
||||
# Prepare information for key registration process
|
||||
fido_uuid = str(uuid.uuid4())
|
||||
challenge = secrets.token_urlsafe(32)
|
||||
|
||||
credential_create_options = webauthn.WebAuthnMakeCredentialOptions(
|
||||
challenge, 'SimpleLogin', RP_ID, fido_uuid,
|
||||
current_user.email, current_user.name, False, attestation='none')
|
||||
challenge,
|
||||
"SimpleLogin",
|
||||
RP_ID,
|
||||
fido_uuid,
|
||||
current_user.email,
|
||||
current_user.name,
|
||||
False,
|
||||
attestation="none",
|
||||
)
|
||||
|
||||
# Don't think this one should be used, but it's not configurable by arguments
|
||||
# https://www.w3.org/TR/webauthn/#sctn-location-extension
|
||||
registration_dict = credential_create_options.registration_dict
|
||||
del registration_dict['extensions']['webauthn.loc']
|
||||
del registration_dict["extensions"]["webauthn.loc"]
|
||||
|
||||
session['fido_uuid'] = fido_uuid
|
||||
session['fido_challenge'] = challenge.rstrip('=')
|
||||
session["fido_uuid"] = fido_uuid
|
||||
session["fido_challenge"] = challenge.rstrip("=")
|
||||
|
||||
return render_template(
|
||||
"dashboard/fido_setup.html", fido_token_form=fido_token_form,
|
||||
credential_create_options=registration_dict
|
||||
"dashboard/fido_setup.html",
|
||||
fido_token_form=fido_token_form,
|
||||
credential_create_options=registration_dict,
|
||||
)
|
||||
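Review bot: The registration call accepts any authenticator (`trusted_attestation_cert_required=False`, `none_attestation_permitted=True`, and `attestation="none"` in the options), and nothing in the code records that this is a deliberate choice. If it is, a short comment above `webauthn.WebAuthnRegistrationResponse(` would say so, for example `# Attestation is not verified: any authenticator model is accepted.` The handler around `fido_reg_response.verify()` logs only `{e}`; `LOG.exception(...)` would keep the traceback, assuming `LOG` is a standard logger. `fido_setup` begins above the first hunk and the lines between its two hunks are not shown.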
|
|