forked from rDrama/rDrama
2fa -> two-factor authentication
parent
e00c95451f
commit
5b80166bed
|
@ -482,7 +482,7 @@ def post_reset(v:Optional[User]):
|
||||||
@limiter.limit(DEFAULT_RATELIMIT)
|
@limiter.limit(DEFAULT_RATELIMIT)
|
||||||
@auth_desired
|
@auth_desired
|
||||||
def lost_2fa(v:Optional[User]):
|
def lost_2fa(v:Optional[User]):
|
||||||
if v and not v.mfa_secret: abort(400, "You don't have 2FA enabled")
|
if v and not v.mfa_secret: abort(400, "You don't have two-factor authentication enabled")
|
||||||
return render_template("login/lost_2fa.html", v=v)
|
return render_template("login/lost_2fa.html", v=v)
|
||||||
|
|
||||||
@app.post("/lost_2fa")
|
@app.post("/lost_2fa")
|
||||||
|
@ -514,7 +514,7 @@ def lost_2fa_post():
|
||||||
action_url=f"{SITE_FULL}/reset_2fa?id={user.id}&t={valid}&token={token}"
|
action_url=f"{SITE_FULL}/reset_2fa?id={user.id}&t={valid}&token={token}"
|
||||||
|
|
||||||
send_mail(to_address=user.email,
|
send_mail(to_address=user.email,
|
||||||
subject="2FA Removal Request",
|
subject="Two-factor Authentication Removal Request",
|
||||||
html=render_template("email/2fa_remove.html",
|
html=render_template("email/2fa_remove.html",
|
||||||
action_url=action_url,
|
action_url=action_url,
|
||||||
v=user)
|
v=user)
|
||||||
|
@ -536,7 +536,7 @@ def reset_2fa():
|
||||||
abort(400)
|
abort(400)
|
||||||
|
|
||||||
if now > t+3600*24:
|
if now > t+3600*24:
|
||||||
abort(410, "This 2FA reset link has expired!")
|
abort(410, "This two-factor authentication reset link has expired!")
|
||||||
|
|
||||||
token=request.values.get("token")
|
token=request.values.get("token")
|
||||||
uid=request.values.get("id")
|
uid=request.values.get("id")
|
||||||
|
|
|
@ -131,7 +131,7 @@ def admin_level_required(x):
|
||||||
if not v: abort(401)
|
if not v: abort(401)
|
||||||
if v.admin_level < x: abort(403)
|
if v.admin_level < x: abort(403)
|
||||||
if x and SITE != 'devrama.net' and not IS_LOCALHOST and not v.mfa_secret:
|
if x and SITE != 'devrama.net' and not IS_LOCALHOST and not v.mfa_secret:
|
||||||
abort(403, "You need to enable 2FA to use admin features!")
|
abort(403, "You need to enable two-factor authentication to use admin features!")
|
||||||
return make_response(f(*args, v=v, **kwargs))
|
return make_response(f(*args, v=v, **kwargs))
|
||||||
|
|
||||||
wrapper.__name__ = f.__name__
|
wrapper.__name__ = f.__name__
|
||||||
|
|
|
@ -13,7 +13,7 @@
|
||||||
<div class="overflow-x-auto><table width="100%" border="0" cellspacing="0" cellpadding="0">
|
<div class="overflow-x-auto><table width="100%" border="0" cellspacing="0" cellpadding="0">
|
||||||
<tr>
|
<tr>
|
||||||
<td align="center">
|
<td align="center">
|
||||||
<a href="{{action_url}}" class="f-fallback button" target="_blank">Remove 2FA</a>
|
<a href="{{action_url}}" class="f-fallback button" target="_blank">Remove two-factor authentication</a>
|
||||||
</td>
|
</td>
|
||||||
</tr>
|
</tr>
|
||||||
</table>
|
</table>
|
||||||
|
|
|
@ -20,7 +20,7 @@
|
||||||
<input hidden name="hash" value="{{hash}}">
|
<input hidden name="hash" value="{{hash}}">
|
||||||
<label for="2fa_token" class="mt-3">Your verification code</label>
|
<label for="2fa_token" class="mt-3">Your verification code</label>
|
||||||
<input autocomplete="off" class="form-control" id="2fa_token" name="2fa_token" type="number" pattern="[0-9]" inputmode="numeric" placeholder="6-digit code">
|
<input autocomplete="off" class="form-control" id="2fa_token" name="2fa_token" type="number" pattern="[0-9]" inputmode="numeric" placeholder="6-digit code">
|
||||||
<small><a href="/lost_2fa">Lost your 2FA device?</a></small>
|
<small><a href="/lost_2fa">Lost your two-factor authentication device?</a></small>
|
||||||
<button type="submit" class="btn btn-primary login w-100 mt-3" id="login_button">Sign in</button>
|
<button type="submit" class="btn btn-primary login w-100 mt-3" id="login_button">Sign in</button>
|
||||||
</form>
|
</form>
|
||||||
<script defer src="{{'js/login_2fa.js' | asset}}"></script>
|
<script defer src="{{'js/login_2fa.js' | asset}}"></script>
|
||||||
|
|
Loading…
Reference in New Issue