Webauthn
This package contains views related to the multi-factor-authentication login with FIDO2.
The 2FA login process with FIDO2 is as follows:
User tries to login with the
LoginView
If the user has at least one
FidoKey
configured, the login is delayed and the user is redirected toWebAuthnLoginView
A 2FA assertion challenge is requested via an AJAX call to
WebAuthnAssertView
The browser sends the challenge to the FIDO key token and receives an assertion response
The key’s assertion response is also sent via AJAX to
WebAuthnVerifyView
If the validation was successful, the user is logged in and redirected to the entry dashboard
If the validation was not successful, an error message it displayed and the user can try again
Webauthn Assert View
- class integreat_cms.cms.views.authentication.webauthn.webauthn_assert_view.WebAuthnAssertView(**kwargs)[source]
Bases:
View
Generate challenge for multi factor authentication. If the user did not provide the first factor (password) or already authenticated with multiple factors, an error is returned. This AJAX view is called asynchronously by JavaScript.
- __init__(**kwargs)[source]
Constructor. Called in the URLconf; can contain helpful extra keyword arguments, and other things.
Webauthn Login View
- class integreat_cms.cms.views.authentication.webauthn.webauthn_login_view.WebAuthnLoginView(**kwargs)[source]
Bases:
LoginView
View to extend the default login behavior from
LoginView
with multi-factor-authentication.- __init__(**kwargs)[source]
Constructor. Called in the URLconf; can contain helpful extra keyword arguments, and other things.
- form_class[source]
alias of
AuthenticationForm
- get(request: HttpRequest, *args: Any, **kwargs: Any) HttpResponse [source]
Renders the login form for TOTP authentication
- Parameters:
request (HttpRequest) – The current request
*args (Any) – The supplied arguments
**kwargs (Any) – The supplied kwargs
- Returns:
Rendered login form
- Return type:
HttpResponse
- get_template_names()[source]
Return a list of template names to be used for the request. Must return a list. May not be called if render_to_response() is overridden.
- post(request, *args, **kwargs)[source]
Handle POST requests: instantiate a form instance with the passed POST variables and then check if it’s valid.
- render_to_response(context, **response_kwargs)[source]
Return a response, using the response_class for this view, with a template rendered with the given context.
Pass response_kwargs to the constructor of the response class.
- response_class[source]
alias of
TemplateResponse
- template_name = 'authentication/login_webauthn.html'[source]
The template to render (see
TemplateResponseMixin
)
Webauthn Verify View
- class integreat_cms.cms.views.authentication.webauthn.webauthn_verify_view.WebAuthnVerifyView(**kwargs)[source]
Bases:
View
Verify the response to the challenge generated in
WebAuthnAssertView
. After a successful verification, the user is logged in.- __init__(**kwargs)[source]
Constructor. Called in the URLconf; can contain helpful extra keyword arguments, and other things.