Skip to content
Snippets Groups Projects
Verified Commit b789b2a9 authored by f00wl's avatar f00wl
Browse files

Refactoring TOTP verification process

parent 335ff184
No related branches found
No related tags found
1 merge request!31Resolve "Support du 2FA TOTP"
Hide whitespace changes
Inline Side-by-side
Showing
with 6 additions and 6 deletions
hiboo/account/login.py
+ 6
6
View file @ b789b2a9
...@@ -30,18 +30,18 @@ def signin(): ...@@ -30,18 +30,18 @@ def signin():
@blueprint.route("/totp/verify", methods=["GET", "POST"]) @blueprint.route("/totp/verify", methods=["GET", "POST"])
def totp_verify(): def totp_verify():
form = forms.TotpForm() form = forms.TotpForm()
if "username" not in session: if "username" in session:
user = models.User.query.filter_by(username=session["username"]).first() or flask.abort(403)
else:
return flask.redirect(flask.url_for(".signin")) return flask.redirect(flask.url_for(".signin"))
if form.validate_on_submit(): if form.validate_on_submit():
user = models.User.query.filter_by(username=session["username"]).first() if user.auths["totp"].check_totp(form.totp.data):
if user and user.auths["totp"].check_totp(form.totp.data):
flask_login.login_user(user) flask_login.login_user(user)
session.pop("username") session.pop("username")
return flask.redirect(utils.url_or_intent(".home")) return flask.redirect(utils.url_or_intent(".home"))
else: else:
flask.flash(_("Wrong password"), "danger") flask.flash(_("Wrong TOTP"), "danger")
return flask.render_template("account_totp_verify.html", form=form, return flask.render_template("account_totp_verify.html", form=form)
action=utils.url_for(".totp_verify"))
@blueprint.route("/signout") @blueprint.route("/signout")
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment