infrastructure/blender-id
0
4
Fork 0
Code Issues 11 Pull Requests Projects Releases Wiki Activity

Initial mfa support (for internal users) #93591

Merged
Oleg-Komarov merged 46 commits from mfa into main 2024-08-29 11:44:06 +02:00
Conversation 0 Commits 46 Files Changed 45 +2 -2
2 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files
Showing only changes of commit 7d0aa08001 - Show all commits

2
bid_main/templates/bid_main/mfa/setup.html
View File

@ -65,7 +65,7 @@ Multi-factor Authentication Setup
{% if recovery_codes %}
<ul>
{% for code in recovery_codes %}
<li>{{ code }}</li>
<li><code>{{ code }}</code></li>
{% endfor %}
</ul>
{% endif %}

2
bid_main/views/mfa.py
View File

@ -70,7 +70,7 @@ class GenerateRecoveryView(mixins.MfaRequiredIfConfiguredMixin, View):
# https://pages.nist.gov/800-63-3/sp800-63b.html#5122-look-up-secret-verifiers
# don't use less than 64 bits
device.token_set.create(token=random_hex(8).upper())
Oleg-Komarov marked this conversation as resolved Outdated
Anna Sirota commented 2024-08-27 13:36:41 +02:00
Outdated
Review
Copy Link

DevFund and other services use send_mail_* for the most part: it's easier to parse visually

DevFund and other services use `send_mail_*` for the most part: it's easier to parse visually
return redirect(reverse('bid_main:mfa') + '?display_recovery_codes=1')
return redirect(reverse('bid_main:mfa') + '?display_recovery_codes=1#recovery-codes')
class InvalidateRecoveryView(mixins.MfaRequiredIfConfiguredMixin, View):