def remove(self, request, interface):
form = ConfirmPasswordForm(request.user)
if 'no' in request.POST or \
not interface.is_enrolled:
return HttpResponseRedirect(reverse('sentry-account-settings-2fa'))
elif 'yes' in request.POST:
form = ConfirmPasswordForm(request.user, request.POST)
if 'password' in form.fields:
if form.is_valid():
if request.user.check_password(form.cleaned_data['password']):
self.delete_authenticator(interface)
return HttpResponseRedirect(reverse('sentry-account-settings-2fa'))
else:
form.errors['__all__'] = ['Invalid password.']
else:
self.delete_authenticator(interface)
return HttpResponseRedirect(reverse('sentry-account-settings-2fa'))
all_interfaces = Authenticator.objects.all_interfaces_for_user(
request.user)
other_interfaces = [x for x in all_interfaces
if x.interface_id != interface.interface_id]
backup_interfaces = [x for x in other_interfaces if x.is_backup_interface]
removes_backups = backup_interfaces and \
len(backup_interfaces) == len(other_interfaces)
context = self.make_context(request, interface)
context['password_form'] = form
context['removes_backups'] = removes_backups
return render_to_response('sentry/account/twofactor/remove.html',
context, request)
def enroll(self, request, interface, insecure=False):
totp_secret = request.POST.get('totp_secret')
if totp_secret is not None:
interface.secret = totp_secret
if 'otp' in request.POST:
form = TwoFactorForm(request.POST)
password_form = ConfirmPasswordForm(request.user, request.POST)
if 'password' in password_form.fields:
if password_form.is_valid():
if form.is_valid() and interface.validate_otp(
form.cleaned_data['otp']):
return TwoFactorSettingsView.enroll(self, request, interface)
else:
form.errors['__all__'] = ['Invalid confirmation code.']
else:
form.errors['__all__'] = ['Invalid password.']
else:
if form.is_valid() and interface.validate_otp(
form.cleaned_data['otp']):
return TwoFactorSettingsView.enroll(self, request, interface)
else:
form.errors['__all__'] = ['Invalid confirmation code.']
else:
form = TwoFactorForm()
password_form = ConfirmPasswordForm(request.user)
context = self.make_context(request, interface)
context['otp_form'] = form
context['password_form'] = password_form
context['provision_qrcode'] = interface.get_provision_qrcode(
request.user.email)
return render_to_response('sentry/account/twofactor/enroll_totp.html',
context, request)
def enroll(self, request, interface, insecure=False):
totp_secret = request.POST.get('totp_secret')
if totp_secret is not None:
interface.secret = totp_secret
if 'otp' in request.POST:
form = TwoFactorForm(request.POST)
password_form = ConfirmPasswordForm(request.user, request.POST)
if 'password' in password_form.fields and password_form.is_valid():
if request.user.check_password(password_form.cleaned_data['password']):
if form.is_valid() and interface.validate_otp(
form.cleaned_data['otp']):
return TwoFactorSettingsView.enroll(self, request, interface)
else:
form.errors['__all__'] = ['Invalid confirmation code.']
else:
form.errors['__all__'] = ['Invalid password.']
else:
if form.is_valid() and interface.validate_otp(
form.cleaned_data['otp']):
return TwoFactorSettingsView.enroll(self, request, interface)
else:
form.errors['__all__'] = ['Invalid confirmation code.']
else:
form = TwoFactorForm()
password_form = ConfirmPasswordForm(request.user)
context = self.make_context(request, interface)
context['otp_form'] = form
context['password_form'] = password_form
context['provision_qrcode'] = interface.get_provision_qrcode(
request.user.email)
return render_to_response('sentry/account/twofactor/enroll_totp.html',
context, request)
def remove(self, request, interface):
form = ConfirmPasswordForm(request.user)
if 'no' in request.POST or \
not interface.is_enrolled:
return HttpResponseRedirect(reverse('sentry-account-settings-2fa'))
elif 'yes' in request.POST:
form = ConfirmPasswordForm(request.user, request.POST)
if 'password' in form.fields:
if form.is_valid():
self.delete_authenticator(request, interface)
return HttpResponseRedirect(reverse('sentry-account-settings-2fa'))
else:
form.errors['__all__'] = ['Invalid password.']
else:
self.delete_authenticator(request, interface)
return HttpResponseRedirect(reverse('sentry-account-settings-2fa'))
all_interfaces = Authenticator.objects.all_interfaces_for_user(
request.user)
other_interfaces = [x for x in all_interfaces
if x.interface_id != interface.interface_id]
backup_interfaces = [x for x in other_interfaces if x.is_backup_interface]
removes_backups = backup_interfaces and \
len(backup_interfaces) == len(other_interfaces)
context = self.make_context(request, interface)
context['password_form'] = form
context['removes_backups'] = removes_backups
return render_to_response('sentry/account/twofactor/remove.html',
context, request)
