def refresh_backup_code(self):
"""
Refreshes the users backup key and returns a new backup code.
This method should be used to request new backup codes for the user.
"""
assert self.enabled, ("MFA must be on to run refresh_backup_codes.")
self.backup_key = generate_key()
self.save()
return self.backup_code
def enable(self, challenge_type):
"""
Enables MFA for this user with the inputted challenge type.
The enabling process includes setting this objects challenge type and
generating a new backup key.
:param challenge_type: Enable MFA for this type of challenge. The type
must be in the supported `CHALLENGE_TYPES`.
:raises AssertionError: If ``challenge_type`` is not a supported
challenge type.
"""
assert challenge_type in CHALLENGE_TYPES, (
"'{challenge}' is not a valid challenge type.".format(
challenge=challenge_type))
self.challenge_type = challenge_type
self.backup_key = generate_key()
self.save()
