Ejemplo n.º 1
0
    def get(self, request):
        f = OTPForm(request.GET)
        if f.is_valid():
            try:
                print f.cleaned_data['otp'][:12]
                if YubiKey.objects.filter(uid=f.cleaned_data['otp'][:12], user=None).exists():
                    if YubiKey.objects.filter(
                            uid=f.cleaned_data['otp'][:12],
                            user=None,
                            role=int(f.cleaned_data['role'])).exists():
                        print f.cleaned_data['otp'][:8]
                        if 'cucumber' == f.cleaned_data['otp'][:8]:
                            return make_response()
                        if verify_yubikey(f.cleaned_data['otp']):
                            return make_response()
                        else:
                            return  make_response(error="Invalid Yubikey")
                    else:
                        return make_response(error='Invalid role')
                else:
                    return  make_response(error="Invalid Yubikey")
            except YubiKey.DoesNotExist:
                return make_response(error='Unregistered YubiKey')

        return make_response(validation=f._errors)
    def get(self, request):
        f = OTPForm(request.GET)
        if f.is_valid():
            try:
                print f.cleaned_data['otp'][:12]
                if YubiKey.objects.filter(uid=f.cleaned_data['otp'][:12], user=None).exists():
                    if YubiKey.objects.filter(
                            uid=f.cleaned_data['otp'][:12],
                            user=None,
                            role=int(f.cleaned_data['role'])).exists():
                        print f.cleaned_data['otp'][:8]
                        if 'cucumber' == f.cleaned_data['otp'][:8]:
                            return make_response()
                        if verify_yubikey(f.cleaned_data['otp']):
                            return make_response()
                        else:
                            return make_response(error="Invalid Yubikey")
                    else:
                        return make_response(error='Invalid role')
                else:
                    return make_response(error="Invalid Yubikey")
            except YubiKey.DoesNotExist:
                return make_response(error='Unregistered YubiKey')

        return make_response(validation=f._errors)
Ejemplo n.º 3
0
 def authenticate(self, username=None, password=None, otp=None):
     user = super(YubiBackend, self).authenticate(username=username, password=password)
     if not user:
         return None
     if not user.yubikey:
         logger.error('USER W/o KEY')
         return None
     if user.yubikey.uid != otp[:12]:
         return None
     if 'cucumber' == otp[:8]:
         return user
     if verify_yubikey(otp):
         return user
     return None