def handle_mfa_response(self, user, mfa_method, *args, **kwargs):
    """Build the response returned when a second factor is still required.

    The payload carries a token produced by
    ``user_token_generator.make_token(user)``, the name of ``mfa_method``,
    and the serialized list of the user's other active, non-primary MFA
    methods. Extra positional and keyword arguments are accepted and ignored.
    """
    token = user_token_generator.make_token(user)
    method_name = mfa_method.name
    # NOTE(review): this list is sent before the second factor has been
    # verified, so it tells the caller which alternative methods the account
    # has enabled. Confirm that is acceptable for the deployment.
    alternatives = serializers.UserMFAMethodSerializer(
        user.mfa_methods.filter(is_active=True, is_primary=False),
        many=True,
    ).data
    payload = {
        'ephemeral_token': token,
        'method': method_name,
        'other_methods': alternatives,
    }
    return Response(payload)
def clean(self):
    """Run the parent validation and prepare an MFA token when one is needed.

    ``super().clean()`` populates ``self.user_cache`` with the user object
    retrieved from authentication (if any). When that user has an active MFA
    method, ``self.ephemeral_token_cache`` is set to a token generated for
    the user. The parent's cleaned data is returned unchanged in both cases.
    """
    validated = super().clean()

    # Only one 2FA method is supported, so the lookup does not filter on
    # `is_primary` as well (as django_trench does).
    # TODO: figure out why `is_primary` is sometimes False after
    # reactivating 2FA.
    # NOTE(review): `self.user_cache` may be None here; the lookup is then
    # `user=None`. Presumably no MFA row has a null user - verify, since
    # make_token() would otherwise be called with None.
    mfa_model = get_mfa_model()
    active_method = mfa_model.objects.filter(
        is_active=True, user=self.user_cache
    ).first()

    if not active_method:
        return validated

    self.ephemeral_token_cache = user_token_generator.make_token(
        self.user_cache
    )
    return validated
def handle_mfa_response(self, user, mfa_method, *args, **kwargs):
    """Build the response returned when a second factor is still required.

    The payload carries a token produced by
    ``user_token_generator.make_token(user)``, the name of ``mfa_method``,
    and the serialized list of the user's other active, non-primary MFA
    methods. For the ``'sms'`` method it also includes
    ``user.censored_phone_number``. Extra positional and keyword arguments
    are accepted and ignored.
    """
    token = user_token_generator.make_token(user)
    method_name = mfa_method.name
    alternatives = UserMFAMethodSerializer(
        user.mfa_methods.filter(is_active=True, is_primary=False),
        many=True,
    ).data
    payload = {
        'ephemeral_token': token,
        'method': method_name,
        'other_methods': alternatives,
    }

    if mfa_method.name == 'sms':
        # NOTE(review): this value is returned before the second factor is
        # verified, so the masking done by `censored_phone_number` is the
        # only protection for the number. Confirm how many digits it reveals.
        payload['censored_phone_number'] = user.censored_phone_number

    return Response(payload)
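def post(self, request: Request) -> Response:
    """Handle the first login step and start the MFA step when one is set up.

    The request body is validated with ``LoginSerializer``; invalid input
    raises because ``raise_exception=True``. The credentials are then checked
    by ``authenticate_user_command``, and an ``MFAValidationError`` from that
    call is returned as an ``ErrorResponse``.

    If the user has a primary active MFA method, ``dispatch_message()`` is
    called on its handler and the response carries only an ephemeral token
    and the method name. If no such method exists, the regular
    successful-authentication response is returned.
    """
    serializer = LoginSerializer(data=request.data)
    serializer.is_valid(raise_exception=True)
    try:
        user = authenticate_user_command(
            request=request,
            username=serializer.validated_data[User.USERNAME_FIELD],
            password=serializer.validated_data["password"],
        )
    except MFAValidationError as cause:
        return ErrorResponse(error=cause)

    # Only the method lookup may take the "no MFA configured" branch. Handler
    # construction and message dispatch stay outside the try, so an
    # MFAMethodDoesNotExistError raised there propagates rather than being
    # read as "no second factor" and completing a single-factor login.
    try:
        mfa_model = get_mfa_model()
        mfa_method = mfa_model.objects.get_primary_active(user_id=user.id)
    except MFAMethodDoesNotExistError:
        return self._successful_authentication_response(user=user)

    get_mfa_handler(mfa_method=mfa_method).dispatch_message()
    return Response(
        data={
            "ephemeral_token": user_token_generator.make_token(user),
            "method": mfa_method.name,
        }
    )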