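def get(self, request):
    """Check a YubiKey OTP and role submitted as GET parameters.

    The first 12 characters of the OTP are used as the key uid. The key must
    exist with ``user=None`` and with the requested role before the OTP
    itself is verified.

    Returns ``make_response()`` on success, ``make_response(error=...)`` when
    a check fails, and ``make_response(validation=...)`` when the form is
    invalid.

    NOTE(review): the OTP arrives in the query string, so it is likely to end
    up in access logs and proxies; consider accepting it via POST instead.
    """
    f = OTPForm(request.GET)
    if not f.is_valid():
        return make_response(validation=f._errors)

    otp = f.cleaned_data['otp']
    # The debug ``print`` statements were dropped: they wrote the key's uid
    # prefix to stdout on every request.
    unassigned = YubiKey.objects.filter(uid=otp[:12], user=None)
    if not unassigned.exists():
        return make_response(error="Invalid Yubikey")
    if not unassigned.filter(role=int(f.cleaned_data['role'])).exists():
        return make_response(error='Invalid role')

    # NOTE(review): hard-coded bypass. Any OTP whose uid starts with
    # 'cucumber' is accepted without calling verify_yubikey(), so the rest of
    # the string is never checked. 'm' is not a ModHex character, so this
    # looks like a test fixture id rather than a real key; confirm no such
    # row can exist in production, or gate/remove this branch.
    if 'cucumber' == otp[:8]:
        return make_response()

    try:
        # filter()/exists() never raise DoesNotExist; only verify_yubikey
        # (defined elsewhere) could, so the handler is kept around it alone.
        verified = verify_yubikey(otp)
    except YubiKey.DoesNotExist:
        return make_response(error='Unregistered YubiKey')
    if verified:
        return make_response()
    return make_response(error="Invalid Yubikey")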
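def authenticate(self, username=None, password=None, otp=None):
    """Authenticate with username/password plus a YubiKey OTP.

    The parent backend checks the password first. The user must then have a
    YubiKey whose uid equals the first 12 characters of ``otp``, and the OTP
    must pass ``verify_yubikey``.

    Returns the user on success, otherwise ``None``.
    """
    user = super(YubiBackend, self).authenticate(username=username, password=password)
    if not user:
        return None
    if not user.yubikey:
        logger.error('USER W/o KEY')
        return None

    # ``otp`` defaults to None; slicing it would raise TypeError instead of
    # failing the login cleanly, so a missing or empty OTP is rejected here.
    if not otp:
        return None
    if user.yubikey.uid != otp[:12]:
        return None

    # NOTE(review): hard-coded bypass. If the user's key uid starts with
    # 'cucumber', the OTP is accepted without verify_yubikey(), which turns
    # the second factor into a static string for that account. Confirm this
    # is a test-only fixture and that no production user can hold such a key,
    # or gate/remove this branch.
    if 'cucumber' == otp[:8]:
        return user

    if verify_yubikey(otp):
        return user
    return None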