jumpserver/apps/authentication/backends/passkey/api.py

from django.conf import settings
from django.http import JsonResponse
from django.shortcuts import render
from django.utils.translation import gettext as _
from rest_framework.decorators import action
from rest_framework.permissions import IsAuthenticated, AllowAny
from rest_framework.viewsets import ModelViewSet

from authentication.mixins import AuthMixin
from .fido import register_begin, register_complete, auth_begin, auth_complete
from .models import Passkey
from .serializer import PasskeySerializer
from ...views import FlashMessageMixin


class PasskeyViewSet(AuthMixin, FlashMessageMixin, ModelViewSet):
    serializer_class = PasskeySerializer
    permission_classes = (IsAuthenticated,)

    def get_queryset(self):
        return Passkey.objects.filter(user=self.request.user)

    @action(methods=['get', 'post'], detail=False, url_path='register')
    def register(self, request):
        if request.method == 'GET':
            register_data, state = register_begin(request)
            return JsonResponse(dict(register_data))
        else:
            passkey = register_complete(request)
            return JsonResponse({'id': passkey.id.__str__(), 'name': passkey.name})

    @action(methods=['get'], detail=False, url_path='login', permission_classes=[AllowAny])
    def login(self, request):
        return render(request, 'authentication/passkey.html', {})

    def redirect_to_error(self, error):
        self.send_auth_signal(success=False, username='unknown', reason='passkey')
        return render(self.request, 'authentication/passkey.html', {'error': error})

    @action(methods=['get', 'post'], detail=False, url_path='auth', permission_classes=[AllowAny])
    def auth(self, request):
        if request.method == 'GET':
            auth_data = auth_begin(request)
            return JsonResponse(dict(auth_data))

        try:
            user = auth_complete(request)
        except ValueError as e:
            return self.redirect_to_error(str(e))

        if not user:
            return self.redirect_to_error(_('Auth failed'))

        try:
            self.check_oauth2_auth(user, settings.AUTH_BACKEND_PASSKEY)
            return self.redirect_to_guard_view()
        except Exception as e:
            msg = getattr(e, 'msg', '') or str(e)
            return self.redirect_to_error(msg)
feat: 支持 passkey 登录 (#11519) * perf: 基本完成功能 * perf: 优化 passkey * perf: 优化 passkey * perf: 完成 passkey --------- Co-authored-by: ibuler <ibuler@qq.com> 2023-09-11 10:15:03 +00:00			`from django.conf import settings`
			`from django.http import JsonResponse`
			`from django.shortcuts import render`
			`from django.utils.translation import gettext as _`
			`from rest_framework.decorators import action`
			`from rest_framework.permissions import IsAuthenticated, AllowAny`
			`from rest_framework.viewsets import ModelViewSet`

			`from authentication.mixins import AuthMixin`
			`from .fido import register_begin, register_complete, auth_begin, auth_complete`
			`from .models import Passkey`
			`from .serializer import PasskeySerializer`
			`from ...views import FlashMessageMixin`


			`class PasskeyViewSet(AuthMixin, FlashMessageMixin, ModelViewSet):`
			`serializer_class = PasskeySerializer`
			`permission_classes = (IsAuthenticated,)`

			`def get_queryset(self):`
			`return Passkey.objects.filter(user=self.request.user)`

			`@action(methods=['get', 'post'], detail=False, url_path='register')`
			`def register(self, request):`
			`if request.method == 'GET':`
			`register_data, state = register_begin(request)`
			`return JsonResponse(dict(register_data))`
			`else:`
			`passkey = register_complete(request)`
			`return JsonResponse({'id': passkey.id.__str__(), 'name': passkey.name})`

			`@action(methods=['get'], detail=False, url_path='login', permission_classes=[AllowAny])`
			`def login(self, request):`
			`return render(request, 'authentication/passkey.html', {})`

			`def redirect_to_error(self, error):`
			`self.send_auth_signal(success=False, username='unknown', reason='passkey')`
			`return render(self.request, 'authentication/passkey.html', {'error': error})`

			`@action(methods=['get', 'post'], detail=False, url_path='auth', permission_classes=[AllowAny])`
			`def auth(self, request):`
			`if request.method == 'GET':`
			`auth_data = auth_begin(request)`
			`return JsonResponse(dict(auth_data))`

			`try:`
			`user = auth_complete(request)`
			`except ValueError as e:`
			`return self.redirect_to_error(str(e))`

			`if not user:`
			`return self.redirect_to_error(_('Auth failed'))`

			`try:`
			`self.check_oauth2_auth(user, settings.AUTH_BACKEND_PASSKEY)`
			`return self.redirect_to_guard_view()`
			`except Exception as e:`
			`msg = getattr(e, 'msg', '') or str(e)`
			`return self.redirect_to_error(msg)`