|
|
@ -3,11 +3,10 @@
|
|
|
|
|
|
|
|
|
|
|
|
from __future__ import unicode_literals
|
|
|
|
from __future__ import unicode_literals
|
|
|
|
from django.views.generic.edit import FormView
|
|
|
|
from django.views.generic.edit import FormView
|
|
|
|
from django.shortcuts import redirect
|
|
|
|
from django.shortcuts import redirect, reverse
|
|
|
|
|
|
|
|
|
|
|
|
from common.utils import get_logger
|
|
|
|
from common.utils import get_logger
|
|
|
|
from .. import forms, errors, mixins
|
|
|
|
from .. import forms, errors, mixins
|
|
|
|
from .utils import redirect_to_guard_view
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
logger = get_logger(__name__)
|
|
|
|
logger = get_logger(__name__)
|
|
|
|
__all__ = ['UserLoginMFAView']
|
|
|
|
__all__ = ['UserLoginMFAView']
|
|
|
@ -22,7 +21,7 @@ class UserLoginMFAView(mixins.AuthMixin, FormView):
|
|
|
|
try:
|
|
|
|
try:
|
|
|
|
user = self.get_user_from_session()
|
|
|
|
user = self.get_user_from_session()
|
|
|
|
except errors.SessionEmptyError:
|
|
|
|
except errors.SessionEmptyError:
|
|
|
|
return redirect_to_guard_view('session_empty')
|
|
|
|
return self.redirect_to_guard_view('session_empty')
|
|
|
|
|
|
|
|
|
|
|
|
try:
|
|
|
|
try:
|
|
|
|
self._check_if_no_active_mfa(user)
|
|
|
|
self._check_if_no_active_mfa(user)
|
|
|
@ -31,6 +30,13 @@ class UserLoginMFAView(mixins.AuthMixin, FormView):
|
|
|
|
|
|
|
|
|
|
|
|
return super().get(*args, **kwargs)
|
|
|
|
return super().get(*args, **kwargs)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def redirect_to_guard_view(self, comment=''):
|
|
|
|
|
|
|
|
guard_url = reverse('authentication:login-guard') + '?_=' + comment
|
|
|
|
|
|
|
|
args = self.request.META.get('QUERY_STRING', '')
|
|
|
|
|
|
|
|
if args:
|
|
|
|
|
|
|
|
guard_url = "%s&%s" % (guard_url, args)
|
|
|
|
|
|
|
|
return redirect(guard_url)
|
|
|
|
|
|
|
|
|
|
|
|
def form_valid(self, form):
|
|
|
|
def form_valid(self, form):
|
|
|
|
from users.utils import MFABlockUtils
|
|
|
|
from users.utils import MFABlockUtils
|
|
|
|
code = form.cleaned_data.get('code')
|
|
|
|
code = form.cleaned_data.get('code')
|
|
|
@ -40,17 +46,17 @@ class UserLoginMFAView(mixins.AuthMixin, FormView):
|
|
|
|
self._do_check_user_mfa(code, mfa_type)
|
|
|
|
self._do_check_user_mfa(code, mfa_type)
|
|
|
|
user, ip = self.get_user_from_session(), self.get_request_ip()
|
|
|
|
user, ip = self.get_user_from_session(), self.get_request_ip()
|
|
|
|
MFABlockUtils(user.username, ip).clean_failed_count()
|
|
|
|
MFABlockUtils(user.username, ip).clean_failed_count()
|
|
|
|
return redirect_to_guard_view('mfa_ok')
|
|
|
|
return self.redirect_to_guard_view('mfa_ok')
|
|
|
|
except (errors.MFAFailedError, errors.BlockMFAError) as e:
|
|
|
|
except (errors.MFAFailedError, errors.BlockMFAError) as e:
|
|
|
|
form.add_error('code', e.msg)
|
|
|
|
form.add_error('code', e.msg)
|
|
|
|
return super().form_invalid(form)
|
|
|
|
return super().form_invalid(form)
|
|
|
|
except errors.SessionEmptyError:
|
|
|
|
except errors.SessionEmptyError:
|
|
|
|
return redirect_to_guard_view('session_empty')
|
|
|
|
return self.redirect_to_guard_view('session_empty')
|
|
|
|
except Exception as e:
|
|
|
|
except Exception as e:
|
|
|
|
logger.error(e)
|
|
|
|
logger.error(e)
|
|
|
|
import traceback
|
|
|
|
import traceback
|
|
|
|
traceback.print_exc()
|
|
|
|
traceback.print_exc()
|
|
|
|
return redirect_to_guard_view('unexpect')
|
|
|
|
return self.redirect_to_guard_view('unexpect')
|
|
|
|
|
|
|
|
|
|
|
|
def get_context_data(self, **kwargs):
|
|
|
|
def get_context_data(self, **kwargs):
|
|
|
|
user = self.get_user_from_session()
|
|
|
|
user = self.get_user_from_session()
|
|
|
|