Webauthn
This package contains views related to registering and deleting multi-factor-authentication keys.
Registering a FIDO key works as follows:
1. User needs to re-authenticate via AuthenticateModifyMfaView
2. RegisterUserFidoKeyView is requested via GET to render the form
3. When submitting the form, GetMfaChallengeView is requested via an AJAX call to receive a registration challenge
4. The challenge is verified via an AJAX call to RegisterUserFidoKeyView via POST
5. If the verification was successful and the key was successfully registered, the user is redirected to the UserSettingsView
6. If the validation was not successful, an error message is displayed and the user can try again
Deleting a FIDO key works as follows:
1. User needs to re-authenticate via AuthenticateModifyMfaView
2. DeleteUserFidoKeyView is requested via GET to render the confirmation form
3. DeleteUserFidoKeyView is requested via POST to submit the confirmation form and delete the key from the database
Authenticate Modify MFA View
This module contains all views related to multi-factor authentication
- class integreat_cms.cms.views.settings.webauthn.authenticate_modify_mfa_view.AuthenticateModifyMfaView(**kwargs)[source]
Bases: FormView
View to authenticate a user before changing the mfa settings
- __init__(**kwargs)[source]
Constructor. Called in the URLconf; can contain helpful extra keyword arguments, and other things.
- form_class[source]
The form class for this form view (see FormMixin)
Form fields:
password: Password (CharField)
alias of AuthenticationForm
- form_valid(form: AuthenticationForm) -> HttpResponse[source]
This function overrides form_valid(), which is called if the AuthenticationForm is valid. In case the user provided correct credentials, the current time is saved in a session variable so a timeout of the authentication can be implemented.
- Parameters: form (AuthenticationForm) – Authentication form
- Returns: Redirect user to mfa login view or to LOGIN_REDIRECT_URL
- Return type: HttpResponse
- get(request, *args, **kwargs)[source]
Handle GET requests: instantiate a blank version of the form.
- get_success_url() -> str[source]
Determine the URL to redirect to when the user is authenticated successfully
- Returns: The url to redirect on success
- Return type: str
- get_template_names()[source]
Return a list of template names to be used for the request. Must return a list. May not be called if render_to_response() is overridden.
- post(request, *args, **kwargs)[source]
Handle POST requests: instantiate a form instance with the passed POST variables and then check if it’s valid.
- render_to_response(context, **response_kwargs)[source]
Return a response, using the response_class for this view, with a template rendered with the given context.
Pass response_kwargs to the constructor of the response class.
- response_class[source]
alias of TemplateResponse
- template_name = 'settings/mfa/authenticate.html'[source]
The template to render (see TemplateResponseMixin)
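The re-authentication timestamp saved by form_valid() and the challenge steps of the registration flow in the package overview can be modelled as follows. This is an added example, not integreat_cms code: the session keys reauth_time and mfa_challenge, the 600-second timeout and the origin are assumptions, a plain dict stands in for the Django session, and only the clientDataJSON fields (type, challenge, origin) are checked, not the attestation.

```python
import json
import secrets

REAUTH_MAX_AGE = 600  # seconds; assumed timeout, not the project's value
EXPECTED_ORIGIN = "https://cms.example.org"  # placeholder origin


def mark_reauthenticated(session: dict, now: float) -> None:
    # Hypothetical session key; mirrors the timestamp form_valid() is described as saving.
    session["reauth_time"] = now


def reauth_is_fresh(session: dict, now: float) -> bool:
    stamp = session.get("reauth_time")
    # Missing, future-dated or expired timestamps all count as "not re-authenticated".
    return stamp is not None and 0 <= now - stamp <= REAUTH_MAX_AGE


def issue_challenge(session: dict, now: float) -> str:
    # Challenge step: refuse without a fresh re-authentication, then store the challenge.
    if not reauth_is_fresh(session, now):
        raise PermissionError("re-authentication required")
    # 32 random bytes as unpadded base64url, the encoding clientDataJSON uses.
    session["mfa_challenge"] = secrets.token_urlsafe(32)  # hypothetical session key
    return session["mfa_challenge"]


def check_client_data(session: dict, client_data_json: bytes, now: float) -> bool:
    # POST step: pop first so a challenge can never be used twice, even on failure.
    expected = session.pop("mfa_challenge", None)
    if expected is None or not reauth_is_fresh(session, now):
        return False
    try:
        data = json.loads(client_data_json)
    except ValueError:
        return False
    return (isinstance(data, dict)
            and data.get("type") == "webauthn.create"
            and data.get("challenge") == expected
            and data.get("origin") == EXPECTED_ORIGIN)


def demo() -> list:
    # Constructed run: one valid POST, then a replay of the same body.
    session, t0 = {}, 1_000.0
    mark_reauthenticated(session, t0)
    challenge = issue_challenge(session, t0 + 5)
    body = json.dumps({"type": "webauthn.create", "challenge": challenge,
                       "origin": EXPECTED_ORIGIN}).encode()
    return [check_client_data(session, body, t0 + 10),
            check_client_data(session, body, t0 + 11)]
```

demo() returns [True, False]: the second POST fails because the stored challenge was consumed by the first.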
Delete User Fido Key View
This module contains all views related to multi-factor authentication
- class integreat_cms.cms.views.settings.webauthn.delete_user_fido_key_view.DeleteUserFidoKeyView(**kwargs)[source]
Bases: TemplateView
View to delete a multi-factor-authentication key
- __init__(**kwargs)[source]
Constructor. Called in the URLconf; can contain helpful extra keyword arguments, and other things.
- get(request: HttpRequest, *args: Any, **kwargs: Any) -> HttpResponse[source]
Render mfa-deletion view
- Parameters:
request (HttpRequest) – The current request
*args (Any) – The supplied arguments
**kwargs (Any) – The supplied keyword arguments
- Returns: The rendered template response
- Return type: HttpResponse
- get_template_names()[source]
Return a list of template names to be used for the request. Must return a list. May not be called if render_to_response() is overridden.
- post(request: HttpRequest, **kwargs: Any) -> HttpResponseRedirect[source]
Delete a multi-factor-authentication key
- Parameters:
request (HttpRequest) – The current request
**kwargs (Any) – The supplied keyword arguments
- Returns: A redirection to the account settings
- Return type: HttpResponseRedirect
- render_to_response(context, **response_kwargs)[source]
Return a response, using the response_class for this view, with a template rendered with the given context.
Pass response_kwargs to the constructor of the response class.
- response_class[source]
alias of TemplateResponse
- template_name = 'settings/mfa/delete.html'[source]
The template to render (see TemplateResponseMixin)
Get MFA Challenge View
This module contains all views related to multi-factor authentication
- class integreat_cms.cms.views.settings.webauthn.get_mfa_challenge_view.GetMfaChallengeView(**kwargs)[source]
Bases: View
View to generate a challenge for multi-factor-authentication
- __init__(**kwargs)[source]
Constructor. Called in the URLconf; can contain helpful extra keyword arguments, and other things.
Register User Fido Key View
- class integreat_cms.cms.views.settings.webauthn.register_user_fido_key_view.RegisterUserFidoKeyView(**kwargs)[source]
Bases: CreateView
View to render a form for creating FidoKey objects
- __init__(**kwargs)[source]
Constructor. Called in the URLconf; can contain helpful extra keyword arguments, and other things.
- get(request, *args, **kwargs)[source]
Handle GET requests: instantiate a blank version of the form.
- get_object(queryset=None)[source]
Return the object the view is displaying.
Require self.queryset and a pk or slug argument in the URLconf. Subclasses can override this to return any object.
- get_queryset()[source]
Return the QuerySet that will be used to look up the object.
This method is called by the default implementation of get_object() and may not be called if get_object() is overridden.
- get_template_names()[source]
Return a list of template names to be used for the request. May not be called if render_to_response() is overridden. Return the following list:
- the value of template_name on the view (if provided)
- the contents of the template_name_field field on the object instance that the view is operating upon (if available)
- <app_label>/<model_name><template_name_suffix>.html
- model[source]
The model of this CreateView
- Parameters:
id (BigAutoField) – Primary key: ID
name (CharField) – Key name
key_id (BinaryField) – WebAuthn ID
public_key (BinaryField) – Multi-factor-authentication public key
sign_count (IntegerField) – Sign count. Token to prevent replay attacks.
last_usage (DateTimeField) – Last date of use
created_at (DateTimeField) – Creation date
Relationship fields:
- Parameters:
user (ForeignKey to User) – User (related name: fido_keys)
alias of FidoKey
- post(request: HttpRequest, *args: Any, **kwargs: Any) -> HttpResponse[source]
Verify a registration challenge and register a 2-FA key. Called asynchronously by JavaScript.
- Parameters:
request (HttpRequest) – The current request
*args (Any) – The supplied arguments
**kwargs (Any) – The supplied keyword arguments
- Returns: The JSON response
- Return type: HttpResponse
- render_to_response(context, **response_kwargs)[source]
Return a response, using the response_class for this view, with a template rendered with the given context.
Pass response_kwargs to the constructor of the response class.
- response_class[source]
alias of TemplateResponse
- template_name = 'settings/mfa/add_key.html'[source]
The template to render (see TemplateResponseMixin)