commit
aa704bc4db
|
@ -28,6 +28,8 @@ WSGI_APPLICATION = 'bornhack.wsgi.application'
|
|||
ASGI_APPLICATION = 'bornhack.routing.application'
|
||||
ROOT_URLCONF = 'bornhack.urls'
|
||||
|
||||
ACCOUNT_ADAPTER = 'allauth_2fa.adapter.OTPAdapter'
|
||||
|
||||
SITE_ID = 1
|
||||
|
||||
ADMINS = (
|
||||
|
@ -70,6 +72,10 @@ INSTALLED_APPS = [
|
|||
|
||||
'allauth',
|
||||
'allauth.account',
|
||||
'allauth_2fa',
|
||||
'django_otp',
|
||||
'django_otp.plugins.otp_totp',
|
||||
'django_otp.plugins.otp_static',
|
||||
'bootstrap3',
|
||||
'django_extensions',
|
||||
'reversion',
|
||||
|
@ -134,6 +140,7 @@ MIDDLEWARE = [
|
|||
'django.middleware.common.CommonMiddleware',
|
||||
'django.middleware.csrf.CsrfViewMiddleware',
|
||||
'django.contrib.auth.middleware.AuthenticationMiddleware',
|
||||
'django_otp.middleware.OTPMiddleware',
|
||||
'django.contrib.messages.middleware.MessageMiddleware',
|
||||
'django.middleware.clickjacking.XFrameOptionsMiddleware',
|
||||
]
|
||||
|
|
|
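Review bot: Nothing in the settings changes records why `'django_otp.middleware.OTPMiddleware'` sits directly after `AuthenticationMiddleware` in the MIDDLEWARE hunk. django-otp needs `request.user` to be populated before it can attach `is_verified()`, so a later reorder of the list would quietly break the token check. I would put `# must stay after AuthenticationMiddleware: adds request.user.is_verified()` above that entry. In the first hunk, `ACCOUNT_ADAPTER` appears to be the switch that interrupts an allauth login to ask for the token, so a comment such as `# allauth_2fa: prompts for the OTP token during login` would keep it from being dropped as unused config. Both the MIDDLEWARE and INSTALLED_APPS lists start outside their hunks.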
@ -1,22 +1,22 @@
|
|||
from django.urls import include, path
|
||||
from allauth.account.views import LoginView, LogoutView
|
||||
from django.conf.urls import include
|
||||
from django.contrib import admin
|
||||
from django.conf import settings
|
||||
from django.contrib.auth.decorators import login_required
|
||||
from django.urls import path
|
||||
from django.views.decorators.csrf import csrf_exempt
|
||||
|
||||
from allauth.account.views import (
|
||||
LoginView,
|
||||
LogoutView,
|
||||
)
|
||||
from graphene_django.views import GraphQLView
|
||||
|
||||
from bar.views import MenuView
|
||||
from camps.views import *
|
||||
from feedback.views import FeedbackCreate
|
||||
from info.views import *
|
||||
from villages.views import *
|
||||
from people.views import *
|
||||
from program.views import *
|
||||
from sponsors.views import *
|
||||
from people.views import *
|
||||
from bar.views import MenuView
|
||||
from villages.views import *
|
||||
|
||||
# require 2fa token entry (if enabled on admin account) when logging into /admin by using allauth login form
|
||||
admin.site.login = login_required(admin.site.login)
|
||||
|
||||
urlpatterns = [
|
||||
path(
|
||||
|
@ -66,6 +66,7 @@ urlpatterns = [
|
|||
name='general-terms'
|
||||
),
|
||||
path('accounts/', include('allauth.urls')),
|
||||
path('accounts/', include('allauth_2fa.urls')),
|
||||
path('admin/', admin.site.urls),
|
||||
|
||||
# We don't need CSRF checks for the API
|
||||
|
|
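Review bot: Wrapping `admin.site.login` in `login_required` only guarantees that some user is authenticated before the admin login view runs; it does not check that the session passed the OTP step. A signed-in account without staff rights would presumably still be shown Django's own admin login form, which authenticates by password alone and never goes through the allauth_2fa adapter. If the intent is that admin access always carries a verified token, consider gating the admin on `request.user.is_verified()` (django-otp ships `django_otp.admin.OTPAdminSite` for this). At the least, extend the comment with `# NOTE: this does not enforce 2FA for staff; accounts without a device log in with password only`. The `urlpatterns` list continues outside the hunk.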
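--- a/src/profiles/templates/allauth_2fa/authenticate.html
+++ b/src/profiles/templates/allauth_2fa/authenticate.html
@@ -0,0 +1,24 @@
+{% extends 'base.html' %}
+
+{% load bootstrap3 %}
+{% load i18n %}
+
+{% block content %}
+<div class="row">
+<div class="col-md-6 col-md-offset-3">
+<h1 class="text-center">
+{% trans "Two-Factor Authentication" %}
+</h1>
+
+<form method="post">
+{% csrf_token %}
+{% bootstrap_form form %}
+
+<button type="submit"
+class="btn btn-black form-control">
+{% trans 'Authenticate' %}
+</button>
+</form>
+</div>
+</div>
+{% endblock %}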
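--- a/src/profiles/templates/allauth_2fa/backup_tokens.html
+++ b/src/profiles/templates/allauth_2fa/backup_tokens.html
@@ -0,0 +1,35 @@
+{% extends 'profile_base.html' %}
+
+{% load account %}
+{% load bootstrap3 %}
+{% load i18n %}
+
+{% block profile_content %}
+<div class="row">
+<div class="col-md-12">
+<h1>
+{% trans "Two-Factor Authentication Backup Tokens" %}
+</h1>
+
+<ul>
+{% for token in backup_tokens %}
+<li>{{ token.token }}</li>
+
+{% empty %}
+{% trans 'No tokens. Press the button below to generate some.' %}
+
+{% endfor %}
+</ul>
+
+<form method="post">
+{% csrf_token %}
+<div class="buttonHolder">
+<button class="btn btn-black" type="submit">
+{% trans 'Generate backup tokens' %}
+</button>
+<a class="btn btn-warning" href="{% url 'two-factor-remove' %}">Disable Two-Factor</a>
+</div>
+</form>
+</div>
+</div>
+{% endblock %}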
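Review bot: The `{% for token in backup_tokens %}` loop prints every unused recovery code each time the page is opened, so anyone who reaches an unlocked session can read them. Showing the codes only in the response to the generate POST, or asking for the password or a token again first, would narrow that window. Either change depends on the allauth_2fa view, which is not visible here. Two smaller points in the same file: the `{% empty %}` text sits directly inside `<ul>` and should be wrapped in `<li>…</li>`, and the `Disable Two-Factor` link label is the only string not passed through `{% trans %}`.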
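--- a/src/profiles/templates/allauth_2fa/remove.html
+++ b/src/profiles/templates/allauth_2fa/remove.html
@@ -0,0 +1,24 @@
+{% extends 'profile_base.html' %}
+
+{% load account %}
+{% load bootstrap3 %}
+{% load i18n %}
+
+{% block profile_content %}
+<div class="row">
+<div class="col-md-12">
+<h1>
+{% trans "Disable Two-Factor Authentication" %}
+</h1>
+
+<p>{% trans "Are you sure?" %}</p>
+
+<form method="post">
+{% csrf_token %}
+<button class="btn btn-danger" type="submit">
+{% trans 'Disable Two-Factor' %}
+</button>
+</form>
+</div>
+</div>
+{% endblock %}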
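Review bot: The confirmation form renders only `{% csrf_token %}` and a submit button, so turning two-factor off takes a single POST from any live session, with no password or current token asked for. Rendering the view's form with `{% bootstrap_form form %}` above the button would let a token or password field appear as soon as the view supplies one. Whether the pinned allauth_2fa release already provides such a field is not visible from this page. Until it does, the account loses its second factor to whoever holds the session cookie, which is the case 2FA is meant to cover.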
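--- a/src/profiles/templates/allauth_2fa/setup.html
+++ b/src/profiles/templates/allauth_2fa/setup.html
@@ -0,0 +1,41 @@
+{% extends 'profile_base.html' %}
+
+{% load account %}
+{% load bootstrap3 %}
+{% load i18n %}
+
+{% block profile_content %}
+<div class="row">
+<div class="col-md-12">
+<h1>
+{% trans "Setup Two-Factor Authentication" %}
+</h1>
+
+<h4>
+{% trans 'Step 1' %}:
+</h4>
+
+<p>
+{% trans 'Scan the QR code below with a token generator of your choice (for instance Google Authenticator).' %}
+</p>
+
+<img src="{% url 'two-factor-qr-code' %}" />
+
+<h4>
+{% trans 'Step 2' %}:
+</h4>
+
+<p>
+{% trans 'Input a token generated by the app:' %}
+</p>
+
+<form method="post">
+{% csrf_token %}
+{% bootstrap_form form %}
+<button class="btn btn-black" type="submit">
+{% trans 'Verify' %}
+</button>
+</form>
+</div>
+</div>
+{% endblock %}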
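Review bot: The `<img src="{% url 'two-factor-qr-code' %}" />` tag has no `alt` text and the page offers no way to type the secret in by hand, so a user who cannot scan the code cannot enrol. I would add `alt="{% trans 'QR code for your authenticator app' %}"` and, if the view exposes it, print the base32 secret under the image. Since the image response encodes the TOTP secret, it is also worth confirming that the `two-factor-qr-code` view sends `Cache-Control: no-store`; that cannot be checked from this template.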
|
@ -4,6 +4,9 @@
|
|||
<a href="{% url 'account_change_password' %}" class="btn btn-black">
|
||||
Password
|
||||
</a>
|
||||
<a href="{% url 'two-factor-setup' %}" class="btn btn-black">
|
||||
Two-Factor settings
|
||||
</a>
|
||||
<a href="{% url 'account_email' %}" class="btn btn-black">
|
||||
Manage emails
|
||||
</a>
|
||||
|
|
|
@ -10,6 +10,7 @@ asyncio==3.4.3
|
|||
bleach==3.1.0
|
||||
defusedxml==0.5.0
|
||||
django-allauth==0.39.1
|
||||
django-allauth-2fa==0.6
|
||||
django-bleach==0.5.2
|
||||
django-bootstrap3==11.0.0
|
||||
django-extensions==2.1.6
|
||||
|
|