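class EnableTwoFactorForm(forms.Form):
    """Enrolment form that attaches a new one-time-code seed to ``user``.

    On first display (no ``secret_key`` in the submitted data) a fresh seed
    is generated and exposed through the hidden ``secret_key`` field and the
    read-only ``secret_key_b32`` field. On submission the seed is read back
    from the posted ``secret_key`` and the entered ``token`` is checked
    against it; a valid code saves the ``UserAuthToken`` from inside
    ``clean()``.

    NOTE(review): the seed round-trips through the browser, and the
    ``readonly`` widget attribute is only a client-side hint, so the server
    accepts whatever ``secret_key`` the client posts. Keeping the pending
    seed server-side (for example in the session) until the code is
    confirmed would guarantee that the stored seed is the one generated
    here.
    """

    # Raw seed, carried between the GET and the POST in a hidden input.
    secret_key = forms.CharField(widget=forms.HiddenInput(attrs={'readonly': True}))

    # Base32 rendering of the seed, shown so it can be typed into a device.
    secret_key_b32 = forms.CharField(label=_("Authentication Key"),
        widget=forms.TextInput(attrs={'readonly': True})
    )

    # NOTE(review): an IntegerField drops leading zeros and min_value=1
    # rejects the code 000000; whether check_auth_code copes with the
    # resulting int is not visible here. Confirm against its implementation.
    token = forms.IntegerField(label=_("Authentication Code"),
        help_text=(
            "Enter the changing six-digit number from your authentication "
            "mobile phone or device here. If the code is not accepted make "
            "sure the mobile phone is in correct time."
        ),
        widget=forms.TextInput(attrs={'class': 'input-small', 'maxlength': '6', 'autocomplete': 'off'}),
        min_value=1, max_value=999999,
        required=True
    )

    def __init__(self, user, *args, **kwargs):
        """Build the form for ``user`` and prepare an unsaved ``UserAuthToken``.

        Args:
            user: account the token will belong to; also used by
                ``secret_url`` and by the duplicate check in ``clean``.
            *args, **kwargs: passed through to ``forms.Form``.
        """
        super(EnableTwoFactorForm, self).__init__(*args, **kwargs)
        self.user = user
        # Unsaved until clean() has verified a code against the seed.
        self.auth_token = UserAuthToken(user=self.user)
        if "secret_key" not in self.data:
            # NOTE(review): ten base64 characters carry at most 60 bits of
            # entropy, below the 128-bit minimum (160 recommended) that
            # RFC 4226 sets for HOTP/TOTP shared secrets. Lengthening the
            # seed needs a check of encrypt_value, b32_secret and the
            # encrypted_seed column first, so it is flagged rather than
            # changed here. Under Python 3 b64encode also returns bytes.
            key = b64encode(os.urandom(16))[:10]
            self.fields['secret_key'].initial = key
            self.auth_token.encrypted_seed = encrypt_value(key)
            self.fields['secret_key_b32'].initial = self.auth_token.b32_secret()
        else:
            # Client-supplied value; see the class-level note on trust.
            self.auth_token.encrypted_seed = encrypt_value(self.data["secret_key"])

    def secret_url(self):
        """Return ``auth_token.google_url`` for ``<username>@<TWOFACTOR_PLACE_NAME>``."""
        return self.auth_token.google_url(name=self.user.username + "@" + TWOFACTOR_PLACE_NAME)

    def clean(self):
        """Verify the submitted code and persist the token on success.

        Returns:
            The form's ``cleaned_data``. Returning it keeps the form usable
            on Django versions that replace ``cleaned_data`` with the return
            value of ``clean()``.

        Raises:
            forms.ValidationError: if no code was supplied, if the user
                already has a ``UserAuthToken``, or if the code is wrong.
        """
        if "token" not in self.cleaned_data:
            raise forms.ValidationError(_(u"Please enter the authentication code."))
        # NOTE(review): this check and the save() below are not atomic; a
        # uniqueness constraint on UserAuthToken.user (not visible here)
        # would be needed to rule out two concurrent enrolments.
        if UserAuthToken.objects.filter(user=self.user).exists():
            raise forms.ValidationError(_(u"Two-factor authentication already enabled for this user!"))
        validate = self.auth_token.check_auth_code(self.cleaned_data["token"])
        # Strict comparison kept on purpose: the return type of
        # check_auth_code is not visible, and an authentication check
        # should not start accepting arbitrary truthy values.
        if validate == True:  # noqa: E712
            self.auth_token.save()
        else:
            raise forms.ValidationError(_(u"Invalid authentication code. Please try again."))
        return self.cleaned_data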