From bc121d51e668e8fc18bcd88efe1c093b16440e5a Mon Sep 17 00:00:00 2001 From: John Spounias Date: Sat, 13 Jun 2020 12:43:37 -0600 Subject: [PATCH 1/3] U2F Auth fix, migration fix --- mfa/U2F.py | 2 +- mfa/migrations/0010_auto_20200603_1907.py | 18 ++++++++++++++++++ 2 files changed, 19 insertions(+), 1 deletion(-) create mode 100644 mfa/migrations/0010_auto_20200603_1907.py diff --git a/mfa/U2F.py b/mfa/U2F.py index 938841e..3d648a8 100644 --- a/mfa/U2F.py +++ b/mfa/U2F.py @@ -69,7 +69,7 @@ def auth(request): request.session["_u2f_challenge_"]=s[0] context["token"]=s[1] - return render(request,"U2F/Auth.html") + return render(request,"U2F/Auth.html", context) def start(request): enroll = begin_registration(settings.U2F_APPID, []) diff --git a/mfa/migrations/0010_auto_20200603_1907.py b/mfa/migrations/0010_auto_20200603_1907.py new file mode 100644 index 0000000..982c006 --- /dev/null +++ b/mfa/migrations/0010_auto_20200603_1907.py @@ -0,0 +1,18 @@ +# Generated by Django 3.0.7 on 2020-06-03 19:07 + +from django.db import migrations, models + + +class Migration(migrations.Migration): + + dependencies = [ + ('mfa', '0009_user_keys_owned_by_enterprise'), + ] + + operations = [ + migrations.AlterField( + model_name='user_keys', + name='key_type', + field=models.CharField(default='TOTP', max_length=25), + ), + ] From f08613f63fc53bbfb7debd59d053a66a8d3ab782 Mon Sep 17 00:00:00 2001 From: John Spounias Date: Sat, 13 Jun 2020 14:28:50 -0600 Subject: [PATCH 2/3] removed migration, already in master --- mfa/migrations/0010_auto_20200603_1907.py | 18 ------------------ 1 file changed, 18 deletions(-) delete mode 100644 mfa/migrations/0010_auto_20200603_1907.py diff --git a/mfa/migrations/0010_auto_20200603_1907.py b/mfa/migrations/0010_auto_20200603_1907.py deleted file mode 100644 index 982c006..0000000 --- a/mfa/migrations/0010_auto_20200603_1907.py +++ /dev/null @@ -1,18 +0,0 @@ -# Generated by Django 3.0.7 on 2020-06-03 19:07 - -from django.db import migrations, models - - -class Migration(migrations.Migration): - - dependencies = [ - ('mfa', '0009_user_keys_owned_by_enterprise'), - ] - - operations = [ - migrations.AlterField( - model_name='user_keys', - name='key_type', - field=models.CharField(default='TOTP', max_length=25), - ), - ] From 105bde9f8e29e2ddb11a97c88aeaca0f045bf4f1 Mon Sep 17 00:00:00 2001 From: John Spounias Date: Sun, 21 Jun 2020 19:00:05 -0600 Subject: [PATCH 3/3] changing shas to iregex to better use underlying library --- mfa/U2F.py | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/mfa/U2F.py b/mfa/U2F.py index 3d648a8..023e665 100644 --- a/mfa/U2F.py +++ b/mfa/U2F.py @@ -40,6 +40,7 @@ def check_errors(request, data): if data["errorCode"] == 1: return auth(request) return True + def validate(request,username): import datetime, random @@ -52,7 +53,9 @@ def validate(request,username): challenge = request.session.pop('_u2f_challenge_') device, c, t = complete_authentication(challenge, data, [settings.U2F_APPID]) - key=User_Keys.objects.get(username=username,properties__shas="$.device.publicKey=%s"%device["publicKey"]) + + key = User_Keys.objects.filter(username=username, properties__iregex=rf'{device["publicKey"]}') + #key=User_Keys.objects.get(username=username,properties__shas="$.device.publicKey=%s"%device["publicKey"]) key.last_used=timezone.now() key.save() mfa = {"verified": True, "method": "U2F","id":key.id}