Unlink security key
This commit is contained in:
parent
a32b69078f
commit
705941b8b8
|
@ -12,6 +12,7 @@ from .views import (
|
|||
mfa_setup,
|
||||
mfa_cancel,
|
||||
fido_setup,
|
||||
fido_cancel,
|
||||
domain_detail,
|
||||
lifetime_licence,
|
||||
directory,
|
||||
|
|
|
@ -0,0 +1,27 @@
|
|||
{% extends 'default.html' %}
|
||||
{% set active_page = "setting" %}
|
||||
{% block title %}
|
||||
Unlink Security Key
|
||||
{% endblock %}
|
||||
|
||||
|
||||
{% block default_content %}
|
||||
<div class="bg-white p-6" style="max-width: 60em; margin: auto">
|
||||
<h1 class="h2">Unlink Your Security Key</h1>
|
||||
<p>
|
||||
Please enter the password of your account so that we can ensure it's you.
|
||||
</p>
|
||||
|
||||
<form method="post">
|
||||
{{ password_check_form.csrf_token }}
|
||||
|
||||
<div class="font-weight-bold mt-5">Password</div>
|
||||
|
||||
{{ password_check_form.password(class="form-control", autofocus="true") }}
|
||||
{{ render_field_errors(password_check_form.password) }}
|
||||
<button class="btn btn-lg btn-danger mt-2">Unlink Key</button>
|
||||
</form>
|
||||
|
||||
|
||||
</div>
|
||||
{% endblock %}
|
|
@ -0,0 +1,36 @@
|
|||
from flask import render_template, flash, redirect, url_for
|
||||
from flask_login import login_required, current_user
|
||||
from flask_wtf import FlaskForm
|
||||
from wtforms import PasswordField, validators
|
||||
|
||||
from app.dashboard.base import dashboard_bp
|
||||
from app.extensions import db
|
||||
|
||||
|
||||
class LoginForm(FlaskForm):
|
||||
password = PasswordField("Password", validators=[validators.DataRequired()])
|
||||
|
||||
|
||||
@dashboard_bp.route("/fido_cancel", methods=["GET", "POST"])
|
||||
@login_required
|
||||
def fido_cancel():
|
||||
if current_user.fido_uuid is None:
|
||||
flash("You haven't registed a security key", "warning")
|
||||
return redirect(url_for("dashboard.index"))
|
||||
|
||||
password_check_form = LoginForm()
|
||||
|
||||
if password_check_form.validate_on_submit():
|
||||
password = password_check_form.password.data
|
||||
|
||||
if current_user.check_password(password):
|
||||
current_user.fido_pk = None
|
||||
current_user.fido_uuid = None
|
||||
current_user.fido_credential_id = None
|
||||
db.session.commit()
|
||||
flash("We've unlinked your security key.", "success")
|
||||
return redirect(url_for("dashboard.index"))
|
||||
else:
|
||||
flash("Incorrect password", "warning")
|
||||
|
||||
return render_template("dashboard/fido_cancel.html", password_check_form=password_check_form)
|
Loading…
Reference in New Issue