def dispatch(self, *args, **kwargs):
# We call otp_required here because we want to use self.success_url as
# the login_url. Using it as a class decorator would make it difficult
# for users who wish to override this property
fn = otp_required(super().dispatch,
login_url=self.success_url,
redirect_field_name=None)
return fn(*args, **kwargs)
def fir_auth_required(view=None, redirect_field_name=None, login_url=None):
if TF_INSTALLED:
from django_otp.decorators import otp_required
if ENFORCE_2FA:
decorator = otp_required(view=view,
redirect_field_name=REDIRECT_FIELD_NAME,
login_url=login_url,
if_configured=False)
else:
decorator = otp_required(view=view,
redirect_field_name=REDIRECT_FIELD_NAME,
login_url=login_url,
if_configured=True)
else:
decorator = login_required(function=view,
redirect_field_name=REDIRECT_FIELD_NAME,
login_url=None)
return decorator
@elevate_required
def backup_download_view(request):
static_device = request.user.staticdevice_set.get_or_create(
name='backup')[0]
if static_device.token_set.count() == 0:
raise Http404
response = TemplateResponse(
request,
"account/twofactor-backup-download.txt",
context={"tokens": static_device.token_set.all()},
content_type="text/plain")
response[
"Content-Disposition"] = "attachment; filename=\"inboxen-backup-tokens.txt\""
return response
backup_view = elevate_required(
core.BackupTokensView.as_view(
template_name="account/twofactor-backup.html",
success_url="user-twofactor-backup"))
disable_view = elevate_required(
otp_required(
profile.DisableView.as_view(
template_name="account/twofactor-disable.html",
success_url="user-settings")))
login = anonymous_required(LoginView.as_view())
setup_view = elevate_required(TwoFactorSetupView.as_view())
qrcode_view = elevate_required(core.QRGeneratorView.as_view())
TOTPDeviceCheckForm,
TOTPDeviceConfirmForm,
)
from ftl.otp_plugins.otp_ftl.views import FTLBaseCheckView, FTLBaseDeleteView
from ftl.views_auth import LoginViewFTL
@method_decorator(login_required, name="dispatch")
class TOTPDeviceCheck(FTLBaseCheckView):
template_name = "otp_ftl/totpdevice_check.html"
form_class = TOTPDeviceCheckForm
success_url = reverse_lazy("home")
@method_decorator(login_required, name="dispatch")
@method_decorator(otp_required(if_configured=True), name="dispatch")
class TOTPDeviceDisplay(DetailView):
template_name = "otp_ftl/totpdevice_detail.html"
model = TOTPDevice
def get_context_data(self, **kwargs):
context = super().get_context_data(**kwargs)
context["form"] = TOTPDeviceConfirmForm(self.request.user, None)
return context
@method_decorator(login_required, name="dispatch")
@method_decorator(otp_required(if_configured=True), name="dispatch")
class TOTPDeviceConfirm(SingleObjectMixin, LoginViewFTL):
template_name = "otp_ftl/totpdevice_detail.html"
form_class = TOTPDeviceConfirmForm
from django.urls import path
from django.views.generic import TemplateView
from django_otp.decorators import otp_required
from django.contrib.auth.views import login_required
from . import views
urlpatterns = [
path("key/", views.CodeView.as_view(), name="key"),
path(
"start/",
login_required(
otp_required(TemplateView.as_view(template_name="covid_key/start.html"))
),
name="start",
),
]
# Licensed under the Business Source License. See LICENSE in the project root for more information.
from django.conf import settings
from django.conf.urls import url
from django_otp.decorators import otp_required
from account import views_oauth2_mgnt
app_name = "oauth2_provider"
urlpatterns = [
# Token management views
url(
r"^authorized_tokens/$",
otp_required(
views_oauth2_mgnt.FTLAccountAuthorizedTokensListView.as_view(
template_name="account/oauth2_authorized-tokens.html"
),
if_configured=True,
),
name="authorized-token-list",
),
url(
r"^authorized_tokens/(?P<pk>[\w-]+)/delete/$",
otp_required(
views_oauth2_mgnt.FTLAccountAuthorizedTokenDeleteView.as_view(
template_name="account/oauth2_authorized-token-delete.html"
),
if_configured=True,
),
name="authorized-token-delete",
),
]
from django.urls import path, re_path
from django.views.generic import TemplateView
from django_otp.decorators import otp_required
from django.contrib.auth.views import login_required
from . import views
urlpatterns = [
path("key/", views.CodeView.as_view(), name="key"),
path(
"start/",
login_required(otp_required(views.StartView.as_view())),
name="start",
),
path(
"generate-key/",
login_required(
otp_required(
TemplateView.as_view(
template_name="covid_key/generate_key.html"))),
name="generate_key",
),
path(
"otk-sms/",
login_required(otp_required(views.OtkSmsView.as_view())),
name="otk_sms",
),
re_path(
r"otk_sms_sent/(?P<phone_number>[+\d]{0,50})$",
login_required(otp_required(views.OtkSmsSentView.as_view())),
name="otk_sms_sent",
qrcode_url = "user-twofactor-qrcode"
def done(self, *args, **kwargs):
out = super(TwoFactorSetupView, self).done(*args, **kwargs)
messages.success(self.request, _("Two factor authentication has been enabled on your account."))
return out
def get_context_data(self, **kwargs):
context = super(TwoFactorSetupView, self).get_context_data(**kwargs)
if self.steps.current == 'generator':
context["secret"] = self.request.session[self.session_key_name]
return context
def post(self, *args, **kwargs):
try:
return super(TwoFactorSetupView, self).post(*args, **kwargs)
except ValidationError:
raise SuspiciousOperation("ManagementForm data is missing or has been tampered.")
backup_view = elevate_required(core.BackupTokensView.as_view(template_name="account/twofactor-backup.html",
success_url="user-twofactor-backup"))
disable_view = elevate_required(otp_required(profile.DisableView.as_view(template_name="account/twofactor-disable.html",
success_url="user-security")))
login = anonymous_required(LoginView.as_view())
setup_view = elevate_required(TwoFactorSetupView.as_view())
qrcode_view = elevate_required(core.QRGeneratorView.as_view())
twofactor_view = profile.ProfileView.as_view(template_name="account/security.html")
from directory.models import DirectoryPage, DirectoryEntry
from accounts.forms import DirectoryEntryOwnerForm
class SecuredropListView(ListView):
model = DirectoryEntry
template_name = 'home.html'
class SecuredropDetailView(DetailView):
model = DirectoryEntry
template_name = 'securedrop_detail.html'
@method_decorator(directory_management_required, name='dispatch')
@method_decorator(otp_required(redirect_field_name=None), name='dispatch')
class SecuredropEditView(UpdateView):
template_name = 'directory_management/securedroppage_form.html'
form_class = DirectoryEntryOwnerForm
model = DirectoryEntry
def get_object(self):
self.directory_page = DirectoryPage.objects.first()
if 'slug' in self.kwargs:
obj = super(SecuredropEditView, self).get_object()
if not obj.owners.filter(owner=self.request.user).exists():
raise PermissionDenied
return obj