def custom_validation(self, attrs):
    """Enforce the TOTP second factor for accounts that have it enabled.

    Does nothing when ``self.user.profile.use_totp`` is falsy.

    Args:
        attrs: Mapping of submitted fields; the code is read from 'totp'.

    Raises:
        PermissionDenied: With 1021 when no code was supplied (absent or
            empty), with 1022 when ``valid_totp`` rejects the code.
    """
    account = self.user
    if not account.profile.use_totp:
        return
    code = attrs.get('totp')
    if not code:
        # An absent or empty code is refused before valid_totp is consulted.
        raise PermissionDenied(1021)
    # NOTE(review): no attempt throttling is visible in this method; confirm
    # the surrounding endpoint rate-limits repeated TOTP guesses.
    if not valid_totp(account, code):
        raise PermissionDenied(1022)
def validate(self, attrs):
    """Run the parent validation, then require a valid TOTP code if enabled.

    Args:
        attrs: Mapping of submitted fields; the code is read from 'totp'.

    Returns:
        Whatever the parent ``validate`` returned, unchanged.

    Raises:
        PermissionDenied: When the account has TOTP enabled and the code is
            missing or rejected by ``valid_totp``. Both cases raise the same
            bare exception, so the response does not distinguish them.
    """
    validated = super().validate(attrs)
    account = self.user
    if account.profile.use_totp:
        code = attrs.get('totp')
        # Only an absent code (None) skips valid_totp; any other value,
        # including an empty string, is handed to valid_totp to judge.
        code_accepted = code is not None and valid_totp(account, code)
        if not code_accepted:
            raise PermissionDenied()
    return validated
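def disable_2fa(request):
    """Turn off TOTP for the requesting user after re-checking a current code.

    Args:
        request: Request whose ``user`` is the account to change and whose
            ``data`` carries the current code under 'totp'.

    Returns:
        ``Response({"result": "ok"})`` once the flag has been cleared and the
        profile saved.

    Raises:
        PermissionDenied: When the user is anonymous, TOTP is not enabled,
            the 'totp' field is missing or empty, or ``valid_totp`` rejects
            the code.
    """
    user = request.user
    if user.is_anonymous:
        raise PermissionDenied()

    profile = user.profile
    # Read the code with .get(): indexing request.data['totp'] raised an
    # unhandled KeyError when the field was omitted, instead of a clean denial.
    totp = request.data.get('totp')
    if not profile.use_totp or not totp or not valid_totp(user, totp):
        raise PermissionDenied()

    # NOTE(review): only the use_totp flag is cleared; whatever secret
    # valid_totp checks against is left untouched by this function. Confirm
    # whether it should be discarded or rotated when 2FA is re-enabled.
    # NOTE(review): no attempt throttling is visible here; confirm the
    # endpoint rate-limits repeated TOTP guesses.
    profile.use_totp = False
    profile.save()
    return Response({"result": "ok"})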
def validate(self, attrs):
    """Run the parent validation, then check TOTP for the resolved user.

    Args:
        attrs: Mapping of submitted fields. 'user' is read after the parent
            validation has run; the code is read from 'totp'.

    Returns:
        Whatever the parent ``validate`` returned, unchanged.

    Raises:
        PermissionDenied: With 1019 when the user has TOTP enabled and no
            code was supplied (absent or empty), with 1020 when
            ``valid_totp`` rejects the code.
    """
    validated = super().validate(attrs)
    account = attrs['user']
    # A falsy attrs['user'] skips the TOTP check entirely.
    # NOTE(review): presumably the parent validation has already rejected a
    # failed authentication before this point; confirm against the parent.
    if account and account.profile.use_totp:
        code = attrs.get('totp')
        if not code:
            raise PermissionDenied(1019)
        if not valid_totp(account, code):
            raise PermissionDenied(1020)
    return validated
def login(self):
    """Complete login, creating a profile if needed and enforcing TOTP.

    The user comes from the serializer's validated data. If the user has no
    profile yet, one is created through ``init_profile`` and the username is
    set to the stringified user id. When the profile has TOTP enabled, a
    valid code must be present in the validated data before the parent
    ``login`` runs.

    Returns:
        Whatever the parent ``login`` returns.

    Raises:
        PermissionDenied: With 1032 when TOTP is enabled and no code was
            supplied, with 1033 when ``valid_totp`` rejects the code. In both
            cases ``logout(self.request)`` is called first.
    """
    data = self.serializer.validated_data
    account = data['user']
    self.user = account

    try:
        # Touching the attribute is only a probe for an existing profile.
        _ = account.profile
    except ObjectDoesNotExist:
        print('try create user', flush=True)
        account.username = str(account.id)
        # NOTE(review): 'lang' is taken from a client-controlled cookie;
        # presumably init_profile validates it against supported values.
        # Confirm before it is stored.
        lang = self.serializer.context['request'].COOKIES.get('lang', 'en')
        init_profile(account, is_social=True, lang=lang)
        account.save()
        print('user_created', flush=True)

    if account.profile.use_totp:
        code = data.get('totp')
        if not code:
            failure = 1032
        elif not valid_totp(account, code):
            failure = 1033
        else:
            failure = None
        if failure is not None:
            # Log the request out before refusing the login.
            logout(self.request)
            raise PermissionDenied(failure)

    return super().login()