commit
aa704bc4db
|
@ -28,6 +28,8 @@ WSGI_APPLICATION = 'bornhack.wsgi.application'
|
||||||
ASGI_APPLICATION = 'bornhack.routing.application'
|
ASGI_APPLICATION = 'bornhack.routing.application'
|
||||||
ROOT_URLCONF = 'bornhack.urls'
|
ROOT_URLCONF = 'bornhack.urls'
|
||||||
|
|
||||||
|
ACCOUNT_ADAPTER = 'allauth_2fa.adapter.OTPAdapter'
|
||||||
|
|
||||||
SITE_ID = 1
|
SITE_ID = 1
|
||||||
|
|
||||||
ADMINS = (
|
ADMINS = (
|
||||||
|
@ -70,6 +72,10 @@ INSTALLED_APPS = [
|
||||||
|
|
||||||
'allauth',
|
'allauth',
|
||||||
'allauth.account',
|
'allauth.account',
|
||||||
|
'allauth_2fa',
|
||||||
|
'django_otp',
|
||||||
|
'django_otp.plugins.otp_totp',
|
||||||
|
'django_otp.plugins.otp_static',
|
||||||
'bootstrap3',
|
'bootstrap3',
|
||||||
'django_extensions',
|
'django_extensions',
|
||||||
'reversion',
|
'reversion',
|
||||||
|
@ -134,6 +140,7 @@ MIDDLEWARE = [
|
||||||
'django.middleware.common.CommonMiddleware',
|
'django.middleware.common.CommonMiddleware',
|
||||||
'django.middleware.csrf.CsrfViewMiddleware',
|
'django.middleware.csrf.CsrfViewMiddleware',
|
||||||
'django.contrib.auth.middleware.AuthenticationMiddleware',
|
'django.contrib.auth.middleware.AuthenticationMiddleware',
|
||||||
|
'django_otp.middleware.OTPMiddleware',
|
||||||
'django.contrib.messages.middleware.MessageMiddleware',
|
'django.contrib.messages.middleware.MessageMiddleware',
|
||||||
'django.middleware.clickjacking.XFrameOptionsMiddleware',
|
'django.middleware.clickjacking.XFrameOptionsMiddleware',
|
||||||
]
|
]
|
||||||
|
|
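Review bot: The new `'django_otp.middleware.OTPMiddleware'` entry in the MIDDLEWARE hunk has no comment recording its ordering constraint, so a later reorder of the list could break it without any error at startup. django-otp needs it to run after `AuthenticationMiddleware` because it works on `request.user`. I would add `# must stay after AuthenticationMiddleware: OTPMiddleware annotates request.user` directly above the entry. The MIDDLEWARE list starts outside the hunk.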
|
@ -1,22 +1,22 @@
|
||||||
from django.urls import include, path
|
from allauth.account.views import LoginView, LogoutView
|
||||||
|
from django.conf.urls import include
|
||||||
from django.contrib import admin
|
from django.contrib import admin
|
||||||
from django.conf import settings
|
from django.contrib.auth.decorators import login_required
|
||||||
|
from django.urls import path
|
||||||
from django.views.decorators.csrf import csrf_exempt
|
from django.views.decorators.csrf import csrf_exempt
|
||||||
|
|
||||||
from allauth.account.views import (
|
|
||||||
LoginView,
|
|
||||||
LogoutView,
|
|
||||||
)
|
|
||||||
from graphene_django.views import GraphQLView
|
from graphene_django.views import GraphQLView
|
||||||
|
|
||||||
|
from bar.views import MenuView
|
||||||
from camps.views import *
|
from camps.views import *
|
||||||
from feedback.views import FeedbackCreate
|
from feedback.views import FeedbackCreate
|
||||||
from info.views import *
|
from info.views import *
|
||||||
from villages.views import *
|
from people.views import *
|
||||||
from program.views import *
|
from program.views import *
|
||||||
from sponsors.views import *
|
from sponsors.views import *
|
||||||
from people.views import *
|
from villages.views import *
|
||||||
from bar.views import MenuView
|
|
||||||
|
# require 2fa token entry (if enabled on admin account) when logging into /admin by using allauth login form
|
||||||
|
admin.site.login = login_required(admin.site.login)
|
||||||
|
|
||||||
urlpatterns = [
|
urlpatterns = [
|
||||||
path(
|
path(
|
||||||
|
@ -66,6 +66,7 @@ urlpatterns = [
|
||||||
name='general-terms'
|
name='general-terms'
|
||||||
),
|
),
|
||||||
path('accounts/', include('allauth.urls')),
|
path('accounts/', include('allauth.urls')),
|
||||||
|
path('accounts/', include('allauth_2fa.urls')),
|
||||||
path('admin/', admin.site.urls),
|
path('admin/', admin.site.urls),
|
||||||
|
|
||||||
# We don't need CSRF checks for the API
|
# We don't need CSRF checks for the API
|
||||||
|
|
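Review bot: `admin.site.login = login_required(admin.site.login)` only routes the admin login through the allauth form, so, as the comment's "(if enabled on admin account)" admits, a staff or superuser account that never enrolled a device still reaches `/admin` with a password alone. For the most privileged accounts that leaves the second factor optional. Either state the limit plainly in the comment, e.g. `# NOTE: staff without an enrolled 2FA device still log in with password only`, or add a check that refuses admin access to staff users without a confirmed device. The patch does not show whether the allauth-2fa login marks the session as OTP-verified for django-otp, so confirm that before relying on a verified-user check.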
24
src/profiles/templates/allauth_2fa/authenticate.html
Normal file
24
src/profiles/templates/allauth_2fa/authenticate.html
Normal file
|
@ -0,0 +1,24 @@
|
||||||
|
{% extends 'base.html' %}
|
||||||
|
|
||||||
|
{% load bootstrap3 %}
|
||||||
|
{% load i18n %}
|
||||||
|
|
||||||
|
{% block content %}
|
||||||
|
<div class="row">
|
||||||
|
<div class="col-md-6 col-md-offset-3">
|
||||||
|
<h1 class="text-center">
|
||||||
|
{% trans "Two-Factor Authentication" %}
|
||||||
|
</h1>
|
||||||
|
|
||||||
|
<form method="post">
|
||||||
|
{% csrf_token %}
|
||||||
|
{% bootstrap_form form %}
|
||||||
|
|
||||||
|
<button type="submit"
|
||||||
|
class="btn btn-black form-control">
|
||||||
|
{% trans 'Authenticate' %}
|
||||||
|
</button>
|
||||||
|
</form>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
{% endblock %}
|
35
src/profiles/templates/allauth_2fa/backup_tokens.html
Normal file
35
src/profiles/templates/allauth_2fa/backup_tokens.html
Normal file
|
@ -0,0 +1,35 @@
|
||||||
|
{% extends 'profile_base.html' %}
|
||||||
|
|
||||||
|
{% load account %}
|
||||||
|
{% load bootstrap3 %}
|
||||||
|
{% load i18n %}
|
||||||
|
|
||||||
|
{% block profile_content %}
|
||||||
|
<div class="row">
|
||||||
|
<div class="col-md-12">
|
||||||
|
<h1>
|
||||||
|
{% trans "Two-Factor Authentication Backup Tokens" %}
|
||||||
|
</h1>
|
||||||
|
|
||||||
|
<ul>
|
||||||
|
{% for token in backup_tokens %}
|
||||||
|
<li>{{ token.token }}</li>
|
||||||
|
|
||||||
|
{% empty %}
|
||||||
|
{% trans 'No tokens. Press the button below to generate some.' %}
|
||||||
|
|
||||||
|
{% endfor %}
|
||||||
|
</ul>
|
||||||
|
|
||||||
|
<form method="post">
|
||||||
|
{% csrf_token %}
|
||||||
|
<div class="buttonHolder">
|
||||||
|
<button class="btn btn-black" type="submit">
|
||||||
|
{% trans 'Generate backup tokens' %}
|
||||||
|
</button>
|
||||||
|
<a class="btn btn-warning" href="{% url 'two-factor-remove' %}">Disable Two-Factor</a>
|
||||||
|
</div>
|
||||||
|
</form>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
{% endblock %}
|
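Review bot: The loop at `{% for token in backup_tokens %}` prints every recovery code in clear text each time the page renders. If the view passes existing tokens on a plain GET (not visible here), anyone at an unlocked or hijacked session can read usable second-factor codes. Consider showing the codes only in the response that generates them, or putting this page behind a fresh password or token prompt. Two smaller points: the `{% empty %}` text sits directly inside `<ul>` without an `<li>`, and the `Disable Two-Factor` link label is the only user-facing string here not wrapped in `{% trans %}`.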
24
src/profiles/templates/allauth_2fa/remove.html
Normal file
24
src/profiles/templates/allauth_2fa/remove.html
Normal file
|
@ -0,0 +1,24 @@
|
||||||
|
{% extends 'profile_base.html' %}
|
||||||
|
|
||||||
|
{% load account %}
|
||||||
|
{% load bootstrap3 %}
|
||||||
|
{% load i18n %}
|
||||||
|
|
||||||
|
{% block profile_content %}
|
||||||
|
<div class="row">
|
||||||
|
<div class="col-md-12">
|
||||||
|
<h1>
|
||||||
|
{% trans "Disable Two-Factor Authentication" %}
|
||||||
|
</h1>
|
||||||
|
|
||||||
|
<p>{% trans "Are you sure?" %}</p>
|
||||||
|
|
||||||
|
<form method="post">
|
||||||
|
{% csrf_token %}
|
||||||
|
<button class="btn btn-danger" type="submit">
|
||||||
|
{% trans 'Disable Two-Factor' %}
|
||||||
|
</button>
|
||||||
|
</form>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
{% endblock %}
|
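Review bot: The disable form posts only `{% csrf_token %}` and never renders `form`, so turning 2FA off takes one click from any authenticated session, with no password or current token asked for. An unattended or stolen session can therefore strip the second factor from the account. Rendering the form as authenticate.html and setup.html do, `{% bootstrap_form form %}` before the button, would at least display any confirmation field the view's form defines; whether it defines one in this version is not visible here. A re-authentication step in front of this view would close the gap properly.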
41
src/profiles/templates/allauth_2fa/setup.html
Normal file
41
src/profiles/templates/allauth_2fa/setup.html
Normal file
|
@ -0,0 +1,41 @@
|
||||||
|
{% extends 'profile_base.html' %}
|
||||||
|
|
||||||
|
{% load account %}
|
||||||
|
{% load bootstrap3 %}
|
||||||
|
{% load i18n %}
|
||||||
|
|
||||||
|
{% block profile_content %}
|
||||||
|
<div class="row">
|
||||||
|
<div class="col-md-12">
|
||||||
|
<h1>
|
||||||
|
{% trans "Setup Two-Factor Authentication" %}
|
||||||
|
</h1>
|
||||||
|
|
||||||
|
<h4>
|
||||||
|
{% trans 'Step 1' %}:
|
||||||
|
</h4>
|
||||||
|
|
||||||
|
<p>
|
||||||
|
{% trans 'Scan the QR code below with a token generator of your choice (for instance Google Authenticator).' %}
|
||||||
|
</p>
|
||||||
|
|
||||||
|
<img src="{% url 'two-factor-qr-code' %}" />
|
||||||
|
|
||||||
|
<h4>
|
||||||
|
{% trans 'Step 2' %}:
|
||||||
|
</h4>
|
||||||
|
|
||||||
|
<p>
|
||||||
|
{% trans 'Input a token generated by the app:' %}
|
||||||
|
</p>
|
||||||
|
|
||||||
|
<form method="post">
|
||||||
|
{% csrf_token %}
|
||||||
|
{% bootstrap_form form %}
|
||||||
|
<button class="btn btn-black" type="submit">
|
||||||
|
{% trans 'Verify' %}
|
||||||
|
</button>
|
||||||
|
</form>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
{% endblock %}
|
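Review bot: The `<img src="{% url 'two-factor-qr-code' %}" />` tag has no `alt` attribute, so a screen-reader user or a browser that fails to load the image gets no hint of what step 1 expects. I would write `<img src="{% url 'two-factor-qr-code' %}" alt="{% trans 'Two-factor QR code' %}" />`. Since that image encodes the account's TOTP secret, it is also worth confirming that the view behind `two-factor-qr-code` sends a non-cacheable response; that view is not part of this patch.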
|
@ -4,6 +4,9 @@
|
||||||
<a href="{% url 'account_change_password' %}" class="btn btn-black">
|
<a href="{% url 'account_change_password' %}" class="btn btn-black">
|
||||||
Password
|
Password
|
||||||
</a>
|
</a>
|
||||||
|
<a href="{% url 'two-factor-setup' %}" class="btn btn-black">
|
||||||
|
Two-Factor settings
|
||||||
|
</a>
|
||||||
<a href="{% url 'account_email' %}" class="btn btn-black">
|
<a href="{% url 'account_email' %}" class="btn btn-black">
|
||||||
Manage emails
|
Manage emails
|
||||||
</a>
|
</a>
|
||||||
|
|
|
@ -10,6 +10,7 @@ asyncio==3.4.3
|
||||||
bleach==3.1.0
|
bleach==3.1.0
|
||||||
defusedxml==0.5.0
|
defusedxml==0.5.0
|
||||||
django-allauth==0.39.1
|
django-allauth==0.39.1
|
||||||
|
django-allauth-2fa==0.6
|
||||||
django-bleach==0.5.2
|
django-bleach==0.5.2
|
||||||
django-bootstrap3==11.0.0
|
django-bootstrap3==11.0.0
|
||||||
django-extensions==2.1.6
|
django-extensions==2.1.6
|
||||||
|
|
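Review bot: `django-allauth-2fa==0.6` is added as an exact pin, but the packages it brings in are not added in this hunk: django-otp, which the settings change now loads as `django_otp`, and its QR-code generator. Their versions would float at install time while every visible line of the file is an exact pin. If they are not pinned in a part of the file outside this hunk, add exact pins for them next to this line so the code that handles the second factor is reproducible and gets reviewed on upgrade.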