admin2fauth

2024-01-19 10:59:35 +01:00 · 2024-01-19 10:59:35 +01:00 · b031f2ac08
parent 6babea9f55
commit b031f2ac08
4 changed files with 26 additions and 0 deletions
--- a/idhub/admin/views.py
+++ b/idhub/admin/views.py
@ -48,6 +48,24 @@ from idhub.models import (
 )


+class DobleFactorAuthView(AdminView):
+    url = reverse_lazy('idhub:admin_dashboard')
+
+    def get(self, request, *args, **kwargs):
+        import pdb; pdb.set_trace()
+        if not self.request.session.get("2fauth"):
+            return redirect(self.url)
+            
+        if self.request.session.get("2fauth") == '0c9116a7-c6e5-41d7-bbf0-e8492cdfca23'
+        if not request.user.is_admin:
+            return redirect(url)
+
+        if self.request.session.get("2fauth"):
+            return redirect(reverse_lazy("idhub:login"))
+
+        return super().get(request, *args, **kwargs)
+
+
 class DashboardView(AdminView, SingleTableView):
    template_name = "idhub/admin/dashboard.html"
    table_class = DashboardTable
--- a/idhub/mixins.py
+++ b/idhub/mixins.py
@ -30,4 +30,7 @@ class AdminView(UserView):
            url = reverse_lazy('idhub:user_dashboard')
            return redirect(url)

+        if self.request.session.get("2fauth"):
+            return redirect(reverse_lazy("idhub:login"))
+
        return super().get(request, *args, **kwargs)
--- a/idhub/urls.py
+++ b/idhub/urls.py
@ -175,6 +175,8 @@ urlpatterns = [
        name='admin_import'),
    path('admin/import/new', views_admin.ImportAddView.as_view(),
        name='admin_import_add'),
+    path('admin/auth/<uuid:2fauth>', views_admin.DobleFactorAuthView.as_view(),
+        name='admin_2fauth'),

    path('did-registry/<str:did_id>/did.json', serve_did)

--- a/idhub/views.py
+++ b/idhub/views.py
@ -1,3 +1,4 @@
+import uuid
 from django.shortcuts import get_object_or_404
 from django.urls import reverse_lazy
 from django.conf import settings
@ -41,6 +42,8 @@ class LoginView(auth_views.LoginView):
            # )
            # cache.set("KEY_DIDS", encryption_key, None)
            cache.set("KEY_DIDS", sensitive_data_encryption_key, None)
+            # self.request.session["2fauth"] = uuid.uuid4()
+            self.request.session["2fauth"] = '0c9116a7-c6e5-41d7-bbf0-e8492cdfca23'

        self.request.session["key_did"] = user.encrypt_data(
            sensitive_data_encryption_key,