remove User.can_use_fido column: anyone can setup FIDO

2020-05-28 20:38:29 +02:00 · 2020-05-28 20:38:29 +02:00 · 683b3e54d8
parent e0117e3d67
commit 683b3e54d8
4 changed files with 15 additions and 30 deletions
--- a/app/dashboard/templates/dashboard/setting.html
+++ b/app/dashboard/templates/dashboard/setting.html
@ -85,24 +85,22 @@
    </div>
    <!-- END change name & profile picture -->

-    {% if current_user.can_use_fido %}
-      <div class="card">
-        <div class="card-body">
-          <div class="card-title">Security Key (WebAuthn)</div>
-          <div class="mb-3">
-            You can secure your account by linking either your FIDO-supported physical key such as Yubikey, Google
-            Titan,
-            or a device with appropriate hardware to your account.
-          </div>
-          {% if current_user.fido_uuid is none %}
-            <a href="{{ url_for('dashboard.fido_setup') }}" class="btn btn-outline-primary">Setup WebAuthn</a>
-          {% else %}
-            <a href="{{ url_for('dashboard.fido_manage') }}" class="btn btn-outline-info">Manage WebAuthn</a>
-            <a href="{{ url_for('dashboard.recovery_code_route') }}" class="btn btn-outline-secondary">Recovery Codes</a>
-          {% endif %}
+    <div class="card">
+      <div class="card-body">
+        <div class="card-title">Security Key (WebAuthn)</div>
+        <div class="mb-3">
+          You can secure your account by linking either your FIDO-supported physical key such as Yubikey, Google
+          Titan,
+          or a device with appropriate hardware to your account.
        </div>
+        {% if current_user.fido_uuid is none %}
+          <a href="{{ url_for('dashboard.fido_setup') }}" class="btn btn-outline-primary">Setup WebAuthn</a>
+        {% else %}
+          <a href="{{ url_for('dashboard.fido_manage') }}" class="btn btn-outline-info">Manage WebAuthn</a>
+          <a href="{{ url_for('dashboard.recovery_code_route') }}" class="btn btn-outline-secondary">Recovery Codes</a>
+        {% endif %}
      </div>
-    {% endif %}
+    </div>

    <div class="card" id="totp">
      <div class="card-body">
--- a/app/dashboard/views/fido_setup.py
+++ b/app/dashboard/views/fido_setup.py
@ -26,13 +26,6 @@ class FidoTokenForm(FlaskForm):
@login_required
@sudo_required
 def fido_setup():
-    if not current_user.can_use_fido:
-        flash(
-            "This feature is currently in invitation-only beta. Please send us an email if you want to try",
-            "warning",
-        )
-        return redirect(url_for("dashboard.index"))
-
    if current_user.fido_uuid is not None:
        fidos = Fido.filter_by(uuid=current_user.fido_uuid).all()
    else:
--- a/app/models.py
+++ b/app/models.py
@ -166,13 +166,8 @@ class User(db.Model, ModelMixin, UserMixin):
    # Fields for WebAuthn
    fido_uuid = db.Column(db.String(), nullable=True, unique=True)

-    # whether user can use Fido
-    can_use_fido = db.Column(
-        db.Boolean, default=False, nullable=False, server_default="0"
-    )
-
    def fido_enabled(self) -> bool:
-        if self.can_use_fido and self.fido_uuid is not None:
+        if self.fido_uuid is not None:
            return True
        return False

--- a/server.py
+++ b/server.py
@ -143,7 +143,6 @@ def fake_data():
        activated=True,
        is_admin=True,
        otp_secret="base32secret3232",
-        can_use_fido=True,
        intro_shown=True,
        fido_uuid=None,
    )