Webauthn

This package contains views related to registering and deleting multi-factor-authentication keys.

Registering a FIDO key works as follows:

  1. User needs to re-authenticate via AuthenticateModifyMfaView

  2. RegisterUserFidoKeyView is requested via GET to render the form

  3. When submitting the form, GetMfaChallengeView is requested via an AJAX call to receive a registration challenge

  4. The challenge is verified via an AJAX call to RegisterUserFidoKeyView via POST

  5. If the verification was successful and the key was successfully registered, the user is redirected to the UserSettingsView

  6. If the validation was not successful, an error message is displayed and the user can try again

Deleting a FIDO key works as follows:

  1. User needs to re-authenticate via AuthenticateModifyMfaView

  2. DeleteUserFidoKeyView is requested via GET to render the confirmation form

  3. DeleteUserFidoKeyView is requested via POST to submit the confirmation form and delete the key from the database
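
The re-authentication gate that both procedures start with, and the challenge handling of registration steps 3 and 4, as an added example that is not integreat_cms code. The session keys, the 300-second timeout, the origin and all function names are assumptions; only the clientDataJSON checks (type, challenge, origin) are covered, and attestation verification is out of scope.

```python
import base64
import hmac
import json
import secrets

REAUTH_MAX_AGE = 300                      # assumed timeout in seconds
EXPECTED_ORIGIN = "https://cms.example"   # placeholder origin

def mark_reauthenticated(session, now):
    # Step 1: a successful re-authentication stores the current time.
    session["reauth_time"] = now          # hypothetical session key

def reauth_is_fresh(session, now):
    ts = session.get("reauth_time")
    return ts is not None and 0 <= now - ts <= REAUTH_MAX_AGE

def issue_challenge(session, now):
    # Step 3: only a freshly re-authenticated session gets a challenge.
    if not reauth_is_fresh(session, now):
        raise PermissionError("re-authentication required")
    challenge = base64.urlsafe_b64encode(secrets.token_bytes(32)).rstrip(b"=").decode()
    session["pending_challenge"] = challenge   # hypothetical session key
    return challenge

def verify_client_data(session, client_data_json, now):
    # Step 4 (first part): validate clientDataJSON before any attestation work.
    if not reauth_is_fresh(session, now):
        return False, "re-authentication expired"
    expected = session.pop("pending_challenge", None)   # single use: no replay
    if expected is None:
        return False, "no pending challenge"
    try:
        data = json.loads(client_data_json)
    except ValueError:
        data = None
    if not isinstance(data, dict):
        return False, "malformed clientDataJSON"
    if data.get("type") != "webauthn.create":
        return False, "wrong ceremony type"
    sent = str(data.get("challenge", "")).encode("utf-8", "replace")
    if not hmac.compare_digest(sent, expected.encode()):
        return False, "challenge mismatch"
    if data.get("origin") != EXPECTED_ORIGIN:
        return False, "origin mismatch"
    return True, "ok"

def client_data(challenge, origin=EXPECTED_ORIGIN, kind="webauthn.create"):
    # Constructed sample of what the browser would return; not captured traffic.
    return json.dumps({"type": kind, "challenge": challenge, "origin": origin}).encode()
```

The same freshness check belongs in front of the key deletion POST, since that procedure also starts with re-authentication.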

Authenticate Modify MFA View

This module contains all views related to multi-factor authentication

class integreat_cms.cms.views.settings.webauthn.authenticate_modify_mfa_view.AuthenticateModifyMfaView(**kwargs)

Bases: FormView

View to authenticate a user before changing the mfa settings

__init__(**kwargs)

Constructor. Called in the URLconf; can contain helpful extra keyword arguments, and other things.

classmethod as_view(**initkwargs)

Main entry point for a request-response process.

content_type = None
dispatch(request, *args, **kwargs)
extra_context = None
form_class

The form class for this form view (see FormMixin)

Form fields:

alias of AuthenticationForm

form_invalid(form)

If the form is invalid, render the invalid form.

form_valid(form: AuthenticationForm) → HttpResponse

This function overrides form_valid(), which is called if the AuthenticationForm is valid. If the user provided correct credentials, the current time is saved in a session variable so that a timeout of the authentication can be implemented.

Parameters:

form (AuthenticationForm) – Authentication form

Returns:

Redirect user to mfa login view or to LOGIN_REDIRECT_URL

Return type:

HttpResponse

get(request, *args, **kwargs)

Handle GET requests: instantiate a blank version of the form.

get_context_data(**kwargs)

Insert the form into the context dict.

get_form(form_class=None)

Return an instance of the form to be used in this view.

get_form_class()

Return the form class to use.

get_form_kwargs()

Return the keyword arguments for instantiating the form.

get_initial()

Return the initial data to use for forms on this view.

get_prefix()

Return the prefix to use for forms.

get_success_url() → str

Determine the URL to redirect to when the user is authenticated successfully

Returns:

The url to redirect on success

Return type:

str

get_template_names()

Return a list of template names to be used for the request. Must return a list. May not be called if render_to_response() is overridden.

http_method_names = ['get', 'post', 'put', 'patch', 'delete', 'head', 'options', 'trace']
http_method_not_allowed(request, *args, **kwargs)
initial = {}
options(request, *args, **kwargs)

Handle responding to requests for the OPTIONS HTTP verb.

post(request, *args, **kwargs)

Handle POST requests: instantiate a form instance with the passed POST variables and then check if it’s valid.

prefix = None
put(*args, **kwargs)
render_to_response(context, **response_kwargs)

Return a response, using the response_class for this view, with a template rendered with the given context.

Pass response_kwargs to the constructor of the response class.

response_class

alias of TemplateResponse

setup(request, *args, **kwargs)

Initialize attributes shared by all view methods.

success_url = None
template_engine = None
template_name = 'settings/mfa/authenticate.html'

The template to render (see TemplateResponseMixin)

view_is_async = False

Delete User Fido Key View

This module contains all views related to multi-factor authentication

class integreat_cms.cms.views.settings.webauthn.delete_user_fido_key_view.DeleteUserFidoKeyView(**kwargs)

Bases: TemplateView

View to delete a multi-factor-authentication key

__init__(**kwargs)

Constructor. Called in the URLconf; can contain helpful extra keyword arguments, and other things.

classmethod as_view(**initkwargs)

Main entry point for a request-response process.

content_type = None
dispatch(request, *args, **kwargs)
extra_context = None
get(request: HttpRequest, *args: Any, **kwargs: Any) → HttpResponse

Render mfa-deletion view

Parameters:
  • request (HttpRequest) – The current request

  • *args (Any) – The supplied arguments

  • **kwargs (Any) – The supplied keyword arguments

Returns:

The rendered template response

Return type:

HttpResponse

get_context_data(**kwargs)
get_template_names()

Return a list of template names to be used for the request. Must return a list. May not be called if render_to_response() is overridden.

http_method_names = ['get', 'post', 'put', 'patch', 'delete', 'head', 'options', 'trace']
http_method_not_allowed(request, *args, **kwargs)
options(request, *args, **kwargs)

Handle responding to requests for the OPTIONS HTTP verb.

post(request: HttpRequest, **kwargs: Any) → HttpResponseRedirect

Delete a multi-factor-authentication key

Parameters:
  • request (HttpRequest) – The current request

  • **kwargs (Any) – The supplied keyword arguments

Returns:

A redirection to the account settings

Return type:

HttpResponseRedirect

render_to_response(context, **response_kwargs)

Return a response, using the response_class for this view, with a template rendered with the given context.

Pass response_kwargs to the constructor of the response class.

response_class

alias of TemplateResponse

setup(request, *args, **kwargs)

Initialize attributes shared by all view methods.

template_engine = None
template_name = 'settings/mfa/delete.html'

The template to render (see TemplateResponseMixin)

view_is_async = False

Get MFA Challenge View

This module contains all views related to multi-factor authentication

class integreat_cms.cms.views.settings.webauthn.get_mfa_challenge_view.GetMfaChallengeView(**kwargs)

Bases: View

View to generate a challenge for multi-factor-authentication

__init__(**kwargs)

Constructor. Called in the URLconf; can contain helpful extra keyword arguments, and other things.

classmethod as_view(**initkwargs)

Main entry point for a request-response process.

dispatch(request, *args, **kwargs)
get(request: HttpRequest, *args: Any, **kwargs: Any) → HttpResponse

Return MFA challenge

Parameters:
  • request (HttpRequest) – The current request

  • *args (Any) – The supplied arguments

  • **kwargs (Any) – The supplied keyword arguments

Returns:

The mfa challenge as JSON

Return type:

HttpResponse

http_method_names = ['get', 'post', 'put', 'patch', 'delete', 'head', 'options', 'trace']
http_method_not_allowed(request, *args, **kwargs)
options(request, *args, **kwargs)

Handle responding to requests for the OPTIONS HTTP verb.

setup(request, *args, **kwargs)

Initialize attributes shared by all view methods.

view_is_async = False

Register User Fido Key View

class integreat_cms.cms.views.settings.webauthn.register_user_fido_key_view.RegisterUserFidoKeyView(**kwargs)

Bases: CreateView

View to render a form for creating FidoKey objects

__init__(**kwargs)

Constructor. Called in the URLconf; can contain helpful extra keyword arguments, and other things.

classmethod as_view(**initkwargs)

Main entry point for a request-response process.

content_type = None
context_object_name = None
dispatch(request, *args, **kwargs)
extra_context = None
fields = ['name']

The fields of the model which should be handled by this create view

form_class = None
form_invalid(form)

If the form is invalid, render the invalid form.

form_valid(form)

If the form is valid, save the associated model.

get(request, *args, **kwargs)

Handle GET requests: instantiate a blank version of the form.

get_context_data(**kwargs)

Insert the form into the context dict.

get_context_object_name(obj)

Get the name to use for the object.

get_form(form_class=None)

Return an instance of the form to be used in this view.

get_form_class()

Return the form class to use in this view.

get_form_kwargs()

Return the keyword arguments for instantiating the form.

get_initial()

Return the initial data to use for forms on this view.

get_object(queryset=None)

Return the object the view is displaying.

Require self.queryset and a pk or slug argument in the URLconf. Subclasses can override this to return any object.

get_prefix()

Return the prefix to use for forms.

get_queryset()

Return the QuerySet that will be used to look up the object.

This method is called by the default implementation of get_object() and may not be called if get_object() is overridden.

get_slug_field()

Get the name of a slug field to be used to look up by slug.

get_success_url()

Return the URL to redirect to after processing a valid form.

get_template_names()

Return a list of template names to be used for the request. May not be called if render_to_response() is overridden. Return the following list:

  • the value of template_name on the view (if provided)

  • the contents of the template_name_field field on the object instance that the view is operating upon (if available)

  • <app_label>/<model_name><template_name_suffix>.html

http_method_names = ['get', 'post', 'put', 'patch', 'delete', 'head', 'options', 'trace']
http_method_not_allowed(request, *args, **kwargs)
initial = {}
model

The model of this CreateView

Parameters:

Relationship fields:

Parameters:

user (ForeignKey to User) – User (related name: fido_keys)

alias of FidoKey

options(request, *args, **kwargs)

Handle responding to requests for the OPTIONS HTTP verb.

pk_url_kwarg = 'pk'
post(request: HttpRequest, *args: Any, **kwargs: Any) → HttpResponse

Verify a registration challenge and register a 2-FA key. Called asynchronously by JavaScript.

Parameters:
  • request (HttpRequest) – The current request

  • *args (Any) – The supplied arguments

  • **kwargs (Any) – The supplied keyword arguments

Returns:

The JSON response

Return type:

HttpResponse

prefix = None
put(*args, **kwargs)
query_pk_and_slug = False
queryset = None
render_to_response(context, **response_kwargs)

Return a response, using the response_class for this view, with a template rendered with the given context.

Pass response_kwargs to the constructor of the response class.

response_class

alias of TemplateResponse

setup(request, *args, **kwargs)

Initialize attributes shared by all view methods.

slug_field = 'slug'
slug_url_kwarg = 'slug'
success_url = None
template_engine = None
template_name = 'settings/mfa/add_key.html'

The template to render (see TemplateResponseMixin)

template_name_field = None
template_name_suffix = '_form'
view_is_async = False