mirror of
https://github.com/simple-login/app.git
redirect user to recovery codes page after MFA setup. Remove all recovery codes when user is no more MFA.
parent
3f7842ed3e
commit
043ecd4fac
@ -5,6 +5,7 @@ from wtforms import PasswordField, validators
|
|||||||
|
|
||||||
from app.dashboard.base import dashboard_bp
|
from app.dashboard.base import dashboard_bp
|
||||||
from app.extensions import db
|
from app.extensions import db
|
||||||
|
from app.models import RecoveryCode
|
||||||
|
|
||||||
|
|
||||||
class LoginForm(FlaskForm):
|
class LoginForm(FlaskForm):
|
||||||
@ -29,6 +30,11 @@ def fido_cancel():
|
|||||||
current_user.fido_sign_count = None
|
current_user.fido_sign_count = None
|
||||||
current_user.fido_credential_id = None
|
current_user.fido_credential_id = None
|
||||||
db.session.commit()
|
db.session.commit()
|
||||||
|
|
||||||
|
# user does not have any 2FA enabled left, delete all recovery codes
|
||||||
|
if not current_user.two_factor_authentication_enabled():
|
||||||
|
RecoveryCode.empty(current_user)
|
||||||
|
|
||||||
flash("We've unlinked your security key.", "success")
|
flash("We've unlinked your security key.", "success")
|
||||||
return redirect(url_for("dashboard.index"))
|
return redirect(url_for("dashboard.index"))
|
||||||
else:
|
else:
|
||||||
|
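Review bot: In the `fido_cancel()` hunk, `RecoveryCode.empty(current_user)` is called after `db.session.commit()`, so unlinking the key and deleting the recovery codes are not one transaction, and no later commit is visible here. If `RecoveryCode.empty` does not commit on its own (its body is not shown), the old codes may survive and could still be accepted once the user enrols a factor again. Moving the `if not current_user.two_factor_authentication_enabled():` check and the `RecoveryCode.empty(current_user)` call above `db.session.commit()` would persist both changes together, assuming the check only reads the fields reset just before it. The same ordering is added in the `mfa_cancel()` hunk further down. The view function starts and ends outside the hunk.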
@ -68,8 +68,7 @@ def fido_setup():
|
|||||||
db.session.commit()
|
db.session.commit()
|
||||||
|
|
||||||
flash("Security key has been activated", "success")
|
flash("Security key has been activated", "success")
|
||||||
|
return redirect(url_for("dashboard.recovery_code_route"))
|
||||||
return redirect(url_for("dashboard.index"))
|
|
||||||
|
|
||||||
# Prepare information for key registration process
|
# Prepare information for key registration process
|
||||||
fido_uuid = str(uuid.uuid4())
|
fido_uuid = str(uuid.uuid4())
|
||||||
|
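Review bot: The new `return redirect(url_for("dashboard.recovery_code_route"))` after the success flash in `fido_setup()` has no comment explaining why enrolment now ends on the recovery-code page. It is also taken on every enrolment, including for a user who already has another factor and has saved codes. A comment such as `# show recovery codes right after enrolment so the user can save them` would record the intent. If the target route issues a fresh set on each visit (not visible here), the comment should also say that previously saved codes stop working. The same redirect is added in the `mfa_setup()` hunk below, and `fido_setup()` continues outside this hunk.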
@ -6,6 +6,7 @@ from wtforms import StringField, validators
|
|||||||
|
|
||||||
from app.dashboard.base import dashboard_bp
|
from app.dashboard.base import dashboard_bp
|
||||||
from app.extensions import db
|
from app.extensions import db
|
||||||
|
from app.models import RecoveryCode
|
||||||
|
|
||||||
|
|
||||||
class OtpTokenForm(FlaskForm):
|
class OtpTokenForm(FlaskForm):
|
||||||
@ -29,6 +30,11 @@ def mfa_cancel():
|
|||||||
current_user.enable_otp = False
|
current_user.enable_otp = False
|
||||||
current_user.otp_secret = None
|
current_user.otp_secret = None
|
||||||
db.session.commit()
|
db.session.commit()
|
||||||
|
|
||||||
|
# user does not have any 2FA enabled left, delete all recovery codes
|
||||||
|
if not current_user.two_factor_authentication_enabled():
|
||||||
|
RecoveryCode.empty(current_user)
|
||||||
|
|
||||||
flash("MFA is now disabled", "warning")
|
flash("MFA is now disabled", "warning")
|
||||||
return redirect(url_for("dashboard.index"))
|
return redirect(url_for("dashboard.index"))
|
||||||
else:
|
else:
|
||||||
|
@ -36,7 +36,8 @@ def mfa_setup():
|
|||||||
current_user.enable_otp = True
|
current_user.enable_otp = True
|
||||||
db.session.commit()
|
db.session.commit()
|
||||||
flash("MFA has been activated", "success")
|
flash("MFA has been activated", "success")
|
||||||
return redirect(url_for("dashboard.index"))
|
|
||||||
|
return redirect(url_for("dashboard.recovery_code_route"))
|
||||||
else:
|
else:
|
||||||
flash("Incorrect token", "warning")
|
flash("Incorrect token", "warning")
|
||||||
|
|
||||||
|