cleanup, fix Permission Denied when Cancelling login, fix display of messages on login template

2019-02-25 13:02:50 +01:00 · 2019-02-25 13:02:50 +01:00 · da5568b571
parent 07f5dce97a
commit da5568b571
8 changed files with 73 additions and 50 deletions
--- a/passbook/core/auth/view.py
+++ b/passbook/core/auth/view.py
@ -9,6 +9,7 @@ from django.views.generic import View
 from passbook.core.models import Factor, User
 from passbook.core.views.utils import PermissionDeniedView
 from passbook.lib.utils.reflection import class_to_path, path_to_class
+from passbook.lib.utils.urls import is_url_absolute

 LOGGER = getLogger(__name__)

@ -39,7 +40,6 @@ class AuthenticationView(UserPassesTestMixin, View):
        return redirect(reverse('passbook_core:overview'))

    def dispatch(self, request, *args, **kwargs):
-        print(request.session.keys())
        # Extract pending user from session (only remember uid)
        if AuthenticationView.SESSION_PENDING_USER in request.session:
            self.pending_user = get_object_or_404(
@ -122,7 +122,9 @@ class AuthenticationView(UserPassesTestMixin, View):
        LOGGER.debug("Logged in user %s", self.pending_user)
        # Cleanup
        self._cleanup()
-        # TODO: ?next=...
+        next_param = self.request.GET.get('next', None)
+        if next_param and is_url_absolute(next_param):
+            return redirect(next_param)
        return redirect(reverse('passbook_core:overview'))

    def _cleanup(self):
@ -132,7 +134,6 @@ class AuthenticationView(UserPassesTestMixin, View):
        for key in session_keys:
            if key in self.request.session:
                del self.request.session[key]
-        print(self.request.session.keys())
        LOGGER.debug("Cleaned up sessions")

 class FactorPermissionDeniedView(PermissionDeniedView):
--- a/passbook/core/templates/base/skeleton.html
+++ b/passbook/core/templates/base/skeleton.html
@ -15,6 +15,12 @@
    <link rel="shortcut icon" type="image/png" href="{% static 'img/logo.png' %}">
    <link rel="stylesheet" type="text/css" href="{% static 'css/patternfly.min.css' %}">
    <link rel="stylesheet" type="text/css" href="{% static 'css/patternfly-additions.min.css' %}">
+    <style>
+        .login-pf {
+            background-attachment: fixed;
+            scroll-behavior: smooth;
+        }
+    </style>
    {% block head %}
    {% endblock %}
  </head>
--- a/passbook/core/templates/login/base.html
+++ b/passbook/core/templates/login/base.html
@ -5,53 +5,57 @@

 {% block head %}
 <style>
-  .login-pf-page .login-pf-page-footer-links {
-    padding: 15px;
-    background-color: #fff;
-    border-top: 2px solid transparent;
-    box-shadow: 0 1px 1px rgba(3,3,3,.175);
-  }
+    .login-pf-page .login-pf-page-footer-links {
+        padding: 15px;
+        background-color: #fff;
+        border-top: 2px solid transparent;
+        box-shadow: 0 1px 1px rgba(3, 3, 3, .175);
+    }

-  .login-pf-page .login-pf-page-footer-link {
-    color: #72767b;
-  }
+    .login-pf-page .login-pf-page-footer-link {
+        color: #72767b;
+    }

-  .login-pf-page .login-pf-page-footer-links li:not(:last-of-type):after {
-    color: #72767b;
-  }
+    .login-pf-page .login-pf-page-footer-links li:not(:last-of-type):after {
+        color: #72767b;
+    }
 </style>
 {% endblock %}

 {% block body %}
 <div class="login-pf-page">
-  <div class="container-fluid">
-    <div class="row">
-      <div class="col-sm-6 col-sm-offset-3 col-md-6 col-md-offset-3 col-lg-4 col-lg-offset-4">
-        <header class="login-pf-page-header">
-          <img class="login-pf-brand" style="max-height: 10rem;" src="{% static 'img/logo.svg' %}" alt="PatternFly logo" />
-          {% if config.login.subtext %}
-          <p>{{ config.login.subtext }}</p>
-          {% endif %}
-        </header>
+    <div class="container-fluid">
        <div class="row">
-          {% block row %}
-          <div class="col-sm-10 col-sm-offset-1 col-md-8 col-md-offset-2 col-lg-8 col-lg-offset-2">
-            <div class="card-pf">
-              {% block card %}
-              {% endblock %}
-            </div><!-- card -->
-            <footer class="login-pf-page-footer">
-              <ul class="login-pf-page-footer-links list-unstyled">
-                <li><a class="login-pf-page-footer-link" href="#">Terms of Use</a></li>
-                <li><a class="login-pf-page-footer-link" href="#">Help</a></li>
-                <li><a class="login-pf-page-footer-link" href="#">Privacy Policy</a></li>
-              </ul>
-            </footer>
-          </div><!-- col -->
-          {% endblock %}
+            <div class="col-md-6 col-md-offset-3">
+                {% include 'partials/messages.html' %}
+            </div>
+            <div class="col-sm-6 col-sm-offset-3 col-md-6 col-md-offset-3 col-lg-4 col-lg-offset-4">
+                <header class="login-pf-page-header">
+                    <img class="login-pf-brand" style="max-height: 10rem;" src="{% static 'img/logo.svg' %}"
+                        alt="PatternFly logo" />
+                    {% if config.login.subtext %}
+                    <p>{{ config.login.subtext }}</p>
+                    {% endif %}
+                </header>
+                <div class="row">
+                    {% block row %}
+                    <div class="col-sm-10 col-sm-offset-1 col-md-8 col-md-offset-2 col-lg-8 col-lg-offset-2">
+                        <div class="card-pf">
+                            {% block card %}
+                            {% endblock %}
+                        </div><!-- card -->
+                        <footer class="login-pf-page-footer">
+                            <ul class="login-pf-page-footer-links list-unstyled">
+                                <li><a class="login-pf-page-footer-link" href="#">Terms of Use</a></li>
+                                <li><a class="login-pf-page-footer-link" href="#">Help</a></li>
+                                <li><a class="login-pf-page-footer-link" href="#">Privacy Policy</a></li>
+                            </ul>
+                        </footer>
+                    </div><!-- col -->
+                    {% endblock %}
+                </div><!-- row -->
+            </div><!-- col -->
        </div><!-- row -->
-      </div><!-- col -->
-    </div><!-- row -->
-  </div><!-- container -->
+    </div><!-- container -->
 </div><!-- login-pf-page -->
 {% endblock %}
--- a/passbook/core/templates/login/form.html
+++ b/passbook/core/templates/login/form.html
@ -7,7 +7,6 @@
 <header class="login-pf-header">
  <h1>{% trans title %}</h1>
 </header>
-{% include 'partials/messages.html' %}
 <form method="POST">
  {% csrf_token %}
  {% block above_form %}
--- a/passbook/core/views/authentication.py
+++ b/passbook/core/views/authentication.py
@ -62,8 +62,7 @@ class LoginView(UserPassesTestMixin, FormView):
        if not pre_user:
            # No user found
            return self.invalid_login(self.request)
-        if AuthenticationView.SESSION_FACTOR in self.request.session:
-            del self.request.session[AuthenticationView.SESSION_FACTOR]
+        self.request.session.flush()
        self.request.session[AuthenticationView.SESSION_PENDING_USER] = pre_user.pk
        return redirect(reverse('passbook_core:auth-process'))

--- a/passbook/otp/factors.py
+++ b/passbook/otp/factors.py
@ -15,9 +15,14 @@ LOGGER = getLogger(__name__)
 class OTPFactor(FormView, AuthenticationFactor):
    """OTP Factor View"""

-    template_name = 'login/form_with_user.html'
+    template_name = 'otp/factor.html'
    form_class = OTPVerifyForm

+    def get_context_data(self, **kwargs):
+        kwargs = super().get_context_data(**kwargs)
+        kwargs['title'] = _('Enter Verification Code')
+        return kwargs
+
    def get(self, request, *args, **kwargs):
        """Check if User has OTP enabled and if OTP is enforced"""
        if not user_has_device(self.pending_user):
@ -27,7 +32,8 @@ class OTPFactor(FormView, AuthenticationFactor):
                LOGGER.debug("OTP is enforced, redirecting to setup")
                request.user = self.pending_user
                LOGGER.debug("Passing GET to EnableView")
-                return EnableView().dispatch(request)
+                messages.info(request, _('OTP is enforced. Please setup OTP.'))
+                return EnableView.as_view()(request)
            LOGGER.debug("OTP is not enforced, skipping form")
            return self.authenticator.user_ok()
        return super().get(request, *args, **kwargs)
@ -37,7 +43,7 @@ class OTPFactor(FormView, AuthenticationFactor):
        if OTP_SETTING_UP_KEY in request.session:
            LOGGER.debug("Passing POST to EnableView")
            request.user = self.pending_user
-            return EnableView().dispatch(request)
+            return EnableView.as_view()(request)
        return super().post(self, request, *args, **kwargs)

    def form_valid(self, form: OTPVerifyForm):
--- a/passbook/otp/templates/otp/factor.html
+++ b/passbook/otp/templates/otp/factor.html
@ -0,0 +1,8 @@
+{% extends 'login/form_with_user.html' %}
+
+{% load i18n %}
+
+{% block above_form %}
+{{ block.super }}
+<p><b>{% trans 'Enter the Verification Code from your Authenticator App.' %}</b></p>
+{% endblock %}
--- a/passbook/otp/views.py
+++ b/passbook/otp/views.py
@ -107,8 +107,8 @@ class EnableView(LoginRequiredMixin, FormView):
            self.static_device = StaticDevice(user=request.user, confirmed=False)
            self.static_device.save()
            # Create 9 tokens and save them
-            # pylint: disable=unused-variable
-            for counter in range(0, 9):
+            # TODO: Send static tokens via E-Mail
+            for _counter in range(0, 9):
                token = StaticToken(device=self.static_device, token=StaticToken.random_token())
                token.save()
        else: