Remove custom 2FA code (#3300)
* Update django-allauth-2fa to latest version * Remove custom view / form for removing token * Revert "2FA disable" view to custom view - Allows specification of custom redirect URL
This commit is contained in:
parent
7376e34505
commit
67732f8f81
@ -15,7 +15,6 @@ from allauth.account.forms import SignupForm, set_form_field_order
|
|||||||
from allauth.exceptions import ImmediateHttpResponse
|
from allauth.exceptions import ImmediateHttpResponse
|
||||||
from allauth.socialaccount.adapter import DefaultSocialAccountAdapter
|
from allauth.socialaccount.adapter import DefaultSocialAccountAdapter
|
||||||
from allauth_2fa.adapter import OTPAdapter
|
from allauth_2fa.adapter import OTPAdapter
|
||||||
from allauth_2fa.forms import TOTPDeviceRemoveForm
|
|
||||||
from allauth_2fa.utils import user_has_valid_totp_device
|
from allauth_2fa.utils import user_has_valid_totp_device
|
||||||
from crispy_forms.bootstrap import (AppendedText, PrependedAppendedText,
|
from crispy_forms.bootstrap import (AppendedText, PrependedAppendedText,
|
||||||
PrependedText)
|
PrependedText)
|
||||||
@ -270,36 +269,3 @@ class CustomSocialAccountAdapter(RegistratonMixin, DefaultSocialAccountAdapter):
|
|||||||
|
|
||||||
# Otherwise defer to the original allauth adapter.
|
# Otherwise defer to the original allauth adapter.
|
||||||
return super().login(request, user)
|
return super().login(request, user)
|
||||||
|
|
||||||
|
|
||||||
# Temporary fix for django-allauth-2fa # TODO remove
|
|
||||||
# See https://github.com/inventree/InvenTree/security/advisories/GHSA-8j76-mm54-52xq
|
|
||||||
|
|
||||||
class CustomTOTPDeviceRemoveForm(TOTPDeviceRemoveForm):
|
|
||||||
"""Custom Form to ensure a token is provided before removing MFA"""
|
|
||||||
# User must input a valid token so 2FA can be removed
|
|
||||||
token = forms.CharField(
|
|
||||||
label=_('Token'),
|
|
||||||
)
|
|
||||||
|
|
||||||
def __init__(self, user, **kwargs):
|
|
||||||
"""Add token field."""
|
|
||||||
super().__init__(user, **kwargs)
|
|
||||||
self.fields['token'].widget.attrs.update(
|
|
||||||
{
|
|
||||||
'autofocus': 'autofocus',
|
|
||||||
'autocomplete': 'off',
|
|
||||||
}
|
|
||||||
)
|
|
||||||
|
|
||||||
def clean_token(self):
|
|
||||||
"""Ensure at least one valid token is provided."""
|
|
||||||
# Ensure that the user has provided a valid token
|
|
||||||
token = self.cleaned_data.get('token')
|
|
||||||
|
|
||||||
# Verify that the user has provided a valid token
|
|
||||||
for device in self.user.totpdevice_set.filter(confirmed=True):
|
|
||||||
if device.verify_token(token):
|
|
||||||
return token
|
|
||||||
|
|
||||||
raise forms.ValidationError(_("The entered token is not valid"))
|
|
||||||
|
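--- a/[path-not-shown-on-page]
+++ b/[path-not-shown-on-page]
@@ -37,7 +37,7 @@ from common.settings import currency_code_default, currency_codes
 from part.models import PartCategory
 from users.models import RuleSet, check_user_role
 
-from .forms import CustomTOTPDeviceRemoveForm, EditUserForm, SetPasswordForm
+from .forms import EditUserForm, SetPasswordForm
 
 
 def auth_request(request):
@@ -764,10 +764,8 @@ class NotificationsView(TemplateView):
     template_name = "InvenTree/notifications/notifications.html"
 
 
-# Temporary fix for django-allauth-2fa # TODO remove
-# See https://github.com/inventree/InvenTree/security/advisories/GHSA-8j76-mm54-52xq
+# Custom 2FA removal form to allow custom redirect URL
 
 class CustomTwoFactorRemove(TwoFactorRemove):
-    """Use custom form."""
-    form_class = CustomTOTPDeviceRemoveForm
+    """Specify custom URL redirect."""
     success_url = reverse_lazy("settings")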
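Review bot: The replacement comment above `CustomTwoFactorRemove` calls it a "removal form", but the class is a view subclass that now overrides only `success_url`, and the reason the override originally existed (the advisory referenced by the removed comment) is no longer recorded anywhere in the file. Since `form_class = CustomTOTPDeviceRemoveForm` is dropped, the token check on 2FA removal presumably rests on the upstream form shipped with the django-allauth-2fa version pinned in this commit; that dependency is worth stating next to the class so a later pin change does not silently reintroduce the issue. Suggest `# Custom 2FA removal view: only the redirect target is overridden. Token verification on removal is expected from the upstream allauth_2fa form (>= 0.10.0); this was previously patched locally for GHSA-8j76-mm54-52xq, so re-check before changing the pin.` in place of the new comment line. The base class `TwoFactorRemove` and `reverse_lazy` are imported outside this hunk.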
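--- a/[path-not-shown-on-page]
+++ b/[path-not-shown-on-page]
@@ -71,7 +71,7 @@ django-allauth==0.51.0
     # via
     #   -r requirements.in
     #   django-allauth-2fa
-django-allauth-2fa==0.9
+django-allauth-2fa==0.10.0
     # via -r requirements.in
 django-cleanup==6.0.0
     # via -r requirements.in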