Webauthn

This package contains views related to registering and deleting multi-factor-authentication keys.

Registering a FIDO key works as follows:

User needs to re-authenticate via AuthenticateModifyMfaView
RegisterUserFidoKeyView is requested via GET to render the form
When submitting the form, GetMfaChallengeView is requested via an AJAX call to receive a registration challenge
The challenge is verified via an AJAX call to RegisterUserFidoKeyView via POST
If the verification was successful and the key was successfully registered, the user is redirected to the UserSettingsView
If the validation was not successful, an error message it displayed and the user can try again

Deleting a FIDO key works as follows:

User needs to re-authenticate via AuthenticateModifyMfaView
DeleteUserFidoKeyView is requested via GET to render the confirmation form
DeleteUserFidoKeyView is requested via POST to submit the confirmation form and delete the key from the database

Authenticate Modify MFA View

This module contains all views related to multi-factor authentication

class integreat_cms.cms.views.settings.webauthn.authenticate_modify_mfa_view.AuthenticateModifyMfaView(**kwargs)[source]

Bases: FormView

View to authenticate a user before changing the mfa settings

form_class[source]

The form class for this form view (see FormMixin)

Form fields:

password: Password (CharField)

alias of AuthenticationForm

form_valid(form: AuthenticationForm) → HttpResponse[source]

This function overwrites form_valid() which is called if the AuthenticationForm is valid. In case the user provided correct credentials, the current time is saved in a session variable so a timeout of the authentication can be implemented.

Parameters:: form (AuthenticationForm) – Authentication form
Returns:: Redirect user to mfa login view or to LOGIN_REDIRECT_URL
Return type:: HttpResponse

get_success_url() → str[source]

Determine the URL to redirect to when the user is authenticated successfully

Returns:: The url to redirect on success
Return type:: str

template_name = 'settings/mfa/authenticate.html'[source]: The template to render (see TemplateResponseMixin)

Delete User Fido Key View

This module contains all views related to multi-factor authentication

class integreat_cms.cms.views.settings.webauthn.delete_user_fido_key_view.DeleteUserFidoKeyView(**kwargs)[source]

Bases: TemplateView

View to delete a multi-factor-authentication key

get(request: HttpRequest, *args: Any, **kwargs: Any) → HttpResponse[source]

Render mfa-deletion view

Parameters:

request (HttpRequest) – The current request
*args (Any) – The supplied arguments
**kwargs (Any) – The supplied keyword arguments

Returns:

The rendered template response

Return type:

HttpResponse

post(request: HttpRequest, **kwargs: Any) → HttpResponseRedirect[source]

Delete a multi-factor-authentication key

Parameters:

request (HttpRequest) – The current request
**kwargs (Any) – The supplied keyword arguments

Returns:

A redirection to the account settings

Return type:

HttpResponseRedirect

template_name = 'settings/mfa/delete.html'[source]: The template to render (see TemplateResponseMixin)

Get MFA Challenge View

This module contains all views related to multi-factor authentication

class integreat_cms.cms.views.settings.webauthn.get_mfa_challenge_view.GetMfaChallengeView(**kwargs)[source]

Bases: View

View to generate a challenge for multi-factor-authentication

get(request: HttpRequest, *args: Any, **kwargs: Any) → HttpResponse[source]

Return MFA challenge

Parameters:

request (HttpRequest) – The current request
*args (Any) – The supplied arguments
**kwargs (Any) – The supplied keyword arguments

Returns:

The mfa challenge as JSON

Return type:

HttpResponse

Register User Fido Key View

class integreat_cms.cms.views.settings.webauthn.register_user_fido_key_view.RegisterUserFidoKeyView(**kwargs)[source]

Bases: CreateView

View to render a form for creating FidoKey objects

fields = ['name'][source]: The fields of the model which should be handled by this create view

model[source]

The model of this CreateView

Parameters:

id (BigAutoField) – Primary key: ID
name (CharField) – Key name
key_id (BinaryField) – WebAuthn ID
public_key (BinaryField) – Multi-factor-authentication public key
sign_count (IntegerField) – Sign count. Token to prevent replay attacks.
last_usage (DateTimeField) – Last date of use
created_at (DateTimeField) – Creation date

Relationship fields:

Parameters:: user (ForeignKey to User) – User (related name: fido_keys)

alias of FidoKey

post(request: HttpRequest, *args: Any, **kwargs: Any) → HttpResponse[source]

Verify a registration challenge and register a 2-FA key. Called asynchronously by JavaScript.

Parameters:

request (HttpRequest) – The current request
*args (Any) – The supplied arguments
**kwargs (Any) – The supplied keyword arguments

Returns:

The JSON response

Return type:

HttpResponse

template_name = 'settings/mfa/add_key.html'[source]: The template to render (see TemplateResponseMixin)