2020-05-05 14:03:29 +02:00
|
|
|
{% extends "single.html" %}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
{% block title %}
|
|
|
|
|
Verify Your Security Key
|
|
|
|
|
{% endblock %}
|
|
|
|
|
|
|
|
|
|
{% block head %}
|
|
|
|
|
<script src="{{ url_for('static', filename='assets/js/vendors/base64.js') }}"></script>
|
|
|
|
|
<script src="{{ url_for('static', filename='assets/js/vendors/webauthn.js') }}"></script>
|
|
|
|
|
{% endblock %}
|
|
|
|
|
|
|
|
|
|
{% block single_content %}
|
2020-05-11 23:22:06 +02:00
|
|
|
<div class="card">
|
|
|
|
|
<div class="card-body">
|
2020-05-05 14:03:29 +02:00
|
|
|
|
2020-05-11 23:22:06 +02:00
|
|
|
<div class="mb-2">
|
|
|
|
|
Your account is protected with your security key (WebAuthn). <br><br>
|
|
|
|
|
Follow your browser's steps to continue the sign-in process.
|
|
|
|
|
</div>
|
2020-05-05 14:03:29 +02:00
|
|
|
|
2020-05-11 23:22:06 +02:00
|
|
|
<form id="formRegisterKey" method="post">
|
|
|
|
|
{{ fido_token_form.csrf_token }}
|
|
|
|
|
{{ fido_token_form.sk_assertion(class="form-control", placeholder="") }}
|
2020-05-18 22:45:02 +02:00
|
|
|
|
|
|
|
|
<div class="text-center">
|
|
|
|
|
<button id="btnVerifyKey" class="btn btn-success mt-2" onclick="verifyKey();">Use your security key</button>
|
|
|
|
|
</div>
|
2020-05-23 21:56:42 +02:00
|
|
|
|
|
|
|
|
<div class="form-check">
|
|
|
|
|
{{ fido_token_form.remember(class="form-check-input", id="remember") }}
|
|
|
|
|
<label class="form-check-label" for="remember">
|
|
|
|
|
{{ fido_token_form.remember.description }}
|
|
|
|
|
</label>
|
|
|
|
|
</div>
|
2020-05-11 23:22:06 +02:00
|
|
|
</form>
|
2020-05-18 22:45:02 +02:00
|
|
|
|
2020-05-05 14:03:29 +02:00
|
|
|
|
2020-05-11 23:22:06 +02:00
|
|
|
{% if enable_otp %}
|
2020-05-17 10:27:20 +02:00
|
|
|
<hr>
|
|
|
|
|
<div class="text-muted mt-5" style="margin-top: 1em;">
|
2020-05-11 23:22:06 +02:00
|
|
|
Don't have your key with you? <br> <a href="{{ url_for('auth.mfa') }}">Verify by One-Time Password</a>
|
|
|
|
|
</div>
|
|
|
|
|
{% endif %}
|
2020-05-05 14:03:29 +02:00
|
|
|
|
2020-05-17 10:27:20 +02:00
|
|
|
<hr>
|
|
|
|
|
|
|
|
|
|
<div class="mt-5">
|
|
|
|
|
If you have troubles with your authentication app, you can use the recovery code to login. <br>
|
|
|
|
|
<a href="{{ url_for('auth.recovery_route', next=next_url) }}">Use Recovery Codes</a>
|
|
|
|
|
</div>
|
|
|
|
|
|
|
|
|
|
|
2020-05-11 23:22:06 +02:00
|
|
|
<script>
|
|
|
|
|
async function verifyKey() {
|
|
|
|
|
$("#btnVerifyKey").prop('disabled', true);
|
|
|
|
|
$("#btnVerifyKey").text('Waiting for Security Key...');
|
2020-05-05 14:03:29 +02:00
|
|
|
|
2020-05-11 23:22:06 +02:00
|
|
|
const credentialRequestOptions = transformCredentialRequestOptions(
|
|
|
|
|
JSON.parse('{{webauthn_assertion_options|tojson|safe}}')
|
|
|
|
|
)
|
2020-05-05 14:03:29 +02:00
|
|
|
|
2020-05-11 23:22:06 +02:00
|
|
|
let assertion;
|
|
|
|
|
try {
|
|
|
|
|
assertion = await navigator.credentials.get({
|
|
|
|
|
publicKey: credentialRequestOptions
|
|
|
|
|
});
|
|
|
|
|
} catch (err) {
|
|
|
|
|
toastr.error("An error occurred when we trying to verify your key.");
|
|
|
|
|
$("#btnVerifyKey").prop('disabled', false);
|
|
|
|
|
$("#btnVerifyKey").text('Use your security key');
|
|
|
|
|
return console.error("Error when trying to get credential:", err);
|
|
|
|
|
}
|
2020-05-05 14:03:29 +02:00
|
|
|
|
2020-05-11 23:22:06 +02:00
|
|
|
const skAssertion = transformAssertionForServer(assertion);
|
|
|
|
|
$('#sk_assertion').val(JSON.stringify(skAssertion));
|
|
|
|
|
$('#formRegisterKey').submit();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
</script>
|
|
|
|
|
|
2020-05-12 04:17:51 +02:00
|
|
|
{% if auto_activate %}
|
|
|
|
|
<script>$('document').ready(verifyKey());</script>
|
|
|
|
|
{% endif %}
|
2020-05-17 10:27:20 +02:00
|
|
|
|
2020-05-11 23:22:06 +02:00
|
|
|
</div>
|
2020-05-05 14:03:29 +02:00
|
|
|
</div>
|
|
|
|
|
|
|
|
|
|
{% endblock %}
|
